Search icon Close icon
Search icon
0
Cart icon
Close icon
You have no products in your basket yet
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Machine Learning with the Elastic Stack - Second Edition

You're reading from  Machine Learning with the Elastic Stack - Second Edition

Product type Book
Published in May 2021
Publisher Packt
ISBN-13 9781801070034
Pages 450 pages
Edition 2nd Edition
Languages
Concepts
Authors (3):
Rich Collier Rich Collier
Profile icon Rich Collier
LinkedIn
Rich Collier is a solutions architect at Elastic. Joining the Elastic team from the Prelert acquisition, Rich has over 20 years' experience as a solutions architect and pre-sales systems engineer for software, hardware, and service-based solutions. Rich's technical specialties include big data analytics, machine learning, anomaly detection, threat detection, security operations, application performance management, web applications, and contact center technologies. Rich is based in Boston, Massachusetts.
See other products by Rich Collier
Camilla Montonen Camilla Montonen
Profile icon Camilla Montonen
LinkedIn
Camilla Montonen is a Senior Machine Learning Engineer at Elastic.
See other products by Camilla Montonen
Bahaaldine Azarmi Bahaaldine Azarmi
Profile icon Bahaaldine Azarmi
LinkedIn
Bahaaldine Azarmi, Global VP Customer Engineering at Elastic, guides companies as they leverage data architecture, distributed systems, machine learning, and generative AI. He leads the customer engineering team, focusing on cloud consumption, and is passionate about sharing knowledge to build and inspire a community skilled in AI.
See other products by Bahaaldine Azarmi
View More author details

Table of Contents (19) Chapters

Preface Section 1 – Getting Started with Machine Learning with Elastic Stack
Chapter 1: Machine Learning for IT Chapter 2: Enabling and Operationalization Section 2 – Time Series Analysis – Anomaly Detection and Forecasting
Chapter 3: Anomaly Detection Chapter 4: Forecasting Chapter 5: Interpreting Results Chapter 6: Alerting on ML Analysis Chapter 7: AIOps and Root Cause Analysis Chapter 8: Anomaly Detection in Other Elastic Stack Apps Section 3 – Data Frame Analysis
Chapter 9: Introducing Data Frame Analytics Chapter 10: Outlier Detection Chapter 11: Classification Analysis Chapter 12: Regression Chapter 13: Inference Other Books You May Enjoy Appendix: Anomaly Detection Tips

Chapter 8: Anomaly Detection in Other Elastic Stack Apps

When the first edition of this book was authored two years ago, there was no concept of other apps within the stack leveraging Elastic ML for domain-specific solutions. However, since then, Elastic ML has become a provider of anomaly detection for domain-specific solutions, providing tailor-made job configurations that users can enable with a single click.

In this chapter, we will explore what Elastic ML brings to various Elastic Stack apps:

  • Anomaly detection in Elastic APM
  • Anomaly detection in the Logs app
  • Anomaly detection in the Metrics app
  • Anomaly detection in the Uptime app
  • Anomaly detection in the Elastic Security app

Technical requirements

The information in this chapter is relevant as of v7.12 of the Elastic Stack.

Anomaly detection in Elastic APM

Elastic APM takes application monitoring and performance management to a whole new level by allowing users to instrument their application code to get deep insights into the performance of individual microservices and transactions. In complex environments, this could generate a large number of measurements and poses a potentially paradoxical situation – one in which greater observability is obtained via this detailed level of measurement while possibly overwhelming the analyst who has to sift through the results for actionable insights.

Fortunately, Elastic APM and Elastic ML are a match made in heaven. Anomaly detection not only automatically adapts to the unique performance characteristics of each transaction type via unsupervised machine learning, but it can also scale to handle the possibly voluminous amounts of data that APM can generate.

While the user is always free to create anomaly detection jobs against any kind of time-series...

Anomaly detection in the Logs app

The Logs app inside of the Observability section of Kibana offers a similar view of your data as the Discover app. However, the users who appreciate more of a live tail view of their logs, regardless of the index the data is stored, will love the Logs app:

Figure 8.16 – The Logs app, part of the Observability section of Kibana

Notice that there is both an Anomalies tab and a Categories tab. Let's first discuss the Categories section.

Log categories

Elastic ML's categorization capabilities, first shown back in Chapter 3, Anomaly Detection, are applied in a generic way to any index of unstructured log data. Within the Logs app, however, categorization is employed with some more strict constraints on the data. In short, the data is expected to be in Elastic Common Schema (ECS) with certain fields defined (especially a field called event.dataset).

Note

The logs dataset from Chapter 7, AIOps and Root...

Anomaly detection in the Uptime app

The Uptime app allows simple availability and response time monitoring of services via a variety of network protocols, including HTTP/S, TCP, and ICMP:

  1. Often classified as synthetic monitoring, the Uptime app uses Heartbeat to actively probe network endpoints from one or more locations:

      

    Figure 8.25 – The Uptime app in Kibana

  2. If you would like to enable anomaly detection on a monitor, simply click on the monitor name to see the monitor detail. Within the Monitor duration panel, notice the Enable anomaly detection button:

      

    Figure 8.26 – Enabling anomaly detection for an Uptime monitor

  3. Clicking on the Enable anomaly detection button creates the job in the background and offers the user the option to create an alert for anomalies surfaced by the job:

      

    Figure 8.27 – Creating an alert on the anomaly detection job in the Uptime app

  4. Once the anomaly detection job is available, any anomalies...

Anomaly detection in the Elastic Security app

Elastic Security is truly the quintessence of a purpose-driven application in the Elastic Stack. Created from the ground up with the security analyst's workflow in mind, the comprehensiveness of the Elastic Security app could fill an entire book on its own. However, the heart of the Elastic Security app is the Detections feature in which user- and Elastic-created rules execute to create alerts when rules' conditions are met. As we'll see, Elastic ML plays a significant role in the Detections feature.

Prebuilt anomaly detection jobs

The majority of the detection rules in Elastic Security are static, but many are backed by prebuilt anomaly detection jobs that operate on the data collected from Elastic Agent or Beats, or equivalent data that conforms with the ECS fields that are applicable for each job type. To see a comprehensive list of anomaly detection jobs supplied by Elastic, view the datafeed and job configuration...

Summary

Elastic ML has clearly infiltrated many of the other apps in the Elastic Stack, bringing easy-to-use functionality to users' fingertips. This proves how much Elastic ML is really a core functionality to the Stack itself, akin to other key stack features such as aggregations.

Congratulations, you have reached the end of the first half of this book, and hopefully you feel well armed with everything that you need to know about Elastic ML's anomaly detection.

Now, we will venture into the "other side" of Elastic ML – data frame analytics – where you will learn how to bring other machine learning techniques (including supervised-based model creation and inferencing) to open up analytical solutions to a vast new array of use cases.

lock icon The rest of the chapter is locked
arrow left Previous Chapter
Chapter 1 of 19
Next Chapter arrow right
You have been reading a chapter from
Machine Learning with the Elastic Stack - Second Edition
Published in: May 2021 Publisher: Packt ISBN-13: 9781801070034
© 2021 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime}

Authors (3)

Left arrow icon
Profile icon Rich Collier
LinkedIn
Rich Collier is a solutions architect at Elastic. Joining the Elastic team from the Prelert acquisition, Rich has over 20 years' experience as a solutions architect and pre-sales systems engineer for software, hardware, and service-based solutions. Rich's technical specialties include big data analytics, machine learning, anomaly detection, threat detection, security operations, application performance management, web applications, and contact center technologies. Rich is based in Boston, Massachusetts.
See other products by Rich Collier
Profile icon Camilla Montonen
LinkedIn
Camilla Montonen is a Senior Machine Learning Engineer at Elastic.
See other products by Camilla Montonen
Profile icon Bahaaldine Azarmi
LinkedIn
Bahaaldine Azarmi, Global VP Customer Engineering at Elastic, guides companies as they leverage data architecture, distributed systems, machine learning, and generative AI. He leads the customer engineering team, focusing on cloud consumption, and is passionate about sharing knowledge to build and inspire a community skilled in AI.
See other products by Bahaaldine Azarmi
Right arrow icon

Other recommended products

Related to this chapter
Left arrow icon
Machine Learning with the Elastic Stack
Machine Learning with the Elastic Stack
Elastic has announced the integration of Prelert machine learning technology within its ecosystem allowing real-time generation of business insights from the Elasticsearch data without it leaving the cluster at all. This book will demonstrate these unique features and teach you to perform machine learning on the Elastic Stack without any hassle.
Jan 2019 10 hours 8 minutes
Learning Kibana 7
Learning Kibana 7
This book will introduce you to Kibana 7, and will show you how it fits into the Elastic stack. You will build a pure metric analytics architecture and visualize it using Timelion. You will also learn how to build relationships between documents using Graph visualization. You will also learn to build powerful Elastic dashboards using Kibana.
Jul 2019 9 hours 20 minutes
Mastering Kibana 6.x
Mastering Kibana 6.x
Mastering Kibana 6.x provides a rundown explanation required for data visualization and analysis such as X-Pack features, Beats, and machine learning. You will be expert in creating analytics-driven visualizations from a web application. You will be a maestro in creating custom monitoring dashboard using Beats with various examples
Jul 2018 12 hours 32 minutes
Advanced Elasticsearch 7.0
Advanced Elasticsearch 7.0
Advanced Elasticsearch 7.0, will help the readers to leverage new features and Core APIs of Elasticsearch to perform advanced search operations. This book covers data modeling, aggregations, pipeline processing, and data Analytics using Elasticsearch
Aug 2019 18 hours 40 minutes
Threat Hunting with Elastic Stack
Threat Hunting with Elastic Stack
Elastic security offers enhanced threat hunting capabilities to build active defense strategies. Complete with practical examples and tips, this easy-to-follow guide will help you enhance your security skills by leveraging the Elastic Stack for security monitoring, incident response, intelligence analysis, or threat hunting.
Jul 2021 13 hours 4 minutes
Learning Kibana 5.0
Learning Kibana 5.0
Feb 2017 9 hours 28 minutes
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Et al.
Et al.
Ever wonder why speech recognition systems don't understand the Scottish accent, or what would happen if an astronaut only ate mac 'n' cheese, or other spurious reflections you'd have at a bar? We did, then collated those deliberations into absurd research articles with fake figures and methodologies inspired by even more fictionally absurd studies.
Aug 2023 7 hours 40 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Generative AI with LangChain
Generative AI with LangChain
This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.
Dec 2023 12 hours 0 minutes
Mastering Tableau 2023
Mastering Tableau 2023
This book is a comprehensive resource to mastering your Tableau skills and becoming a BI expert. As you progress, you will learn how to build advanced dashboards and improve your storytelling to derive key business insight, as well as make you well-versed with advanced functionalities of Tableau in the business intelligence domain.
Aug 2023 22 hours 48 minutes
Building AI Applications with ChatGPT APIs
Building AI Applications with ChatGPT APIs
This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.
Sep 2023 8 hours 36 minutes
Building AI Applications with ChatGPT APIs
Building AI Applications with ChatGPT APIs
This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.
Sep 2023 8 hours 36 minutes
Data Engineering with AWS
Data Engineering with AWS
Embark on a journey to master data engineering pipelines on AWS! Our book offers a hands-on experience of AWS services for ingesting, transforming, and consuming data. Whether you're an absolute beginner or someone with basic data engineering experience, this guide is an indispensable resource.
Oct 2023 21 hours 12 minutes
Modern Data Architecture on AWS
Modern Data Architecture on AWS
Every organization wants an agile, performant, and cost-effective data platform that meets all their current and future business needs. Purpose-built AWS analytics services and their features play a big part in building such a modern data platform. This book brings to you all the design and architectural patterns that’ll help you achieve this goal.
Aug 2023 14 hours 0 minutes
Practical Guide to Applied Conformal Prediction in Python
Practical Guide to Applied Conformal Prediction in Python
Discover the power of Conformal Prediction with the "Practical Guide to Applied Conformal Prediction in Python." Master the latest techniques to quantify uncertainty in machine learning and computer vision models, and seamlessly apply them to your industry applications.
Dec 2023 8 hours 0 minutes
TinyML Cookbook
TinyML Cookbook
With over 70 project-based recipes, the TinyML Cookbook is a practical guide that will help you to get the most out of your microcontrollers. It provides a comprehensive understanding of the theoretical foundations while giving you hands-on experience training ML models for deployment on Arduino Nano 33 BLE Sense, Raspberry Pi Pico, and SparkFun RedBoard Artemis Nano microcontrollers.
Nov 2023 22 hours 8 minutes
Right arrow icon