- Machine Learning: other versions:
- What is Elastic Machine Learning?
- Setup and security
- Anomaly detection
- Finding anomalies
- Tutorial: Getting started with anomaly detection
- Advanced concepts
- API quick reference
- How-tos
- Generating alerts for anomaly detection jobs
- Aggregating data for faster performance
- Altering data in your datafeed with runtime fields
- Customizing detectors with custom rules
- Detecting anomalous categories of data
- Performing population analysis
- Reverting to a model snapshot
- Detecting anomalous locations in geographic data
- Mapping anomalies by location
- Adding custom URLs to machine learning results
- Anomaly detection jobs from visualizations
- Exporting and importing machine learning jobs
- Resources
- Data frame analytics
- Natural language processing
Plan your anomaly detection analysis
editPlan your anomaly detection analysis
editThe machine learning features in Elastic Stack enable you to seek anomalies in your data in many different ways. Using proprietary machine learning algorithms, the following circumstances are detected:
- Anomalies related to temporal deviations in values, counts, or frequencies
- Anomalies related to unusual locations in geographic data
- Statistical rarity
- Unusual behaviors for a member of a population
Automated periodicity detection and quick adaptation to changing data ensure that you don’t need to specify algorithms, models, or other data science-related configurations in order to get the benefits of machine learning.
When you are deciding which type of anomaly detection to use, the most important considerations are the data sets that you have available and the type of behavior you want to detect.
If you are uncertain where to begin, Kibana can recognize certain types of data and suggest useful anomaly detection jobs. Likewise, some Elastic Agent integrations include anomaly detection job configuration information, dashboards, searches, and visualizations that are customized to help you analyze your data.
For the full list of functions that you can use in your anomaly detection jobs, see Function reference. For a list of the preconfigured jobs, see Supplied configurations.