kibana/docs/siem/machine-learning.asciidoc
Garrett Spong e6d4d9703e
[SIEM] Adds Machine Learning section to 'Using the SIEM UI' docs (#42399)
## Summary

Adding `Anomaly Detection with Machine Learning` section to docs for new Machine Learning features.

Example generated docs:

![image](https://user-images.githubusercontent.com/2946766/62312719-2a32d780-b44c-11e9-9967-4639eedf05d5.png)




### Checklist

Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR.

- [ ] ~This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~
- [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
- [x] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials
- [ ] ~[Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios~
- [ ] ~This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~

### For maintainers

- [ ] ~This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~
- [ ] ~This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~
2019-08-02 07:28:53 -06:00


[role="xpack"]
[[machine-learning]]
== Anomaly Detection with Machine Learning
For *https://www.elastic.co/cloud/elasticsearch-service/signup[Free Trial]*
and *https://www.elastic.co/subscriptions[Platinum License]* deployments,
Machine Learning functionality is available throughout the SIEM app. You can
view the details of detected anomalies in the `Anomalies` table widget
shown on the Hosts, Network, and associated Details pages, or narrow to
the specific date range of an anomaly from the `Max Anomaly Score` details in
the overview of the Host and IP Details pages. Each of these interfaces also
offers the ability to drag and drop details of the anomaly to Timeline, such
as the `Entity` itself, or any of the associated `Influencers`.

[role="screenshot"]
image::siem/images/ml-ui.png[Machine Learning - Max Anomaly Score]