What this book covers

Chapter 1, Machine Learning for IT, is an introductory and background primer on the historical challenges of manual data analysis in IT and security operations. This chapter provides a comprehensive overview of the theory of operation of Elastic ML in order to get an intrinsic understanding of what is happening under the hood.

Chapter 2, Installing the Elastic Stack with Machine Learning, walks you through the comprehensive and descriptive installation procedures for Elasticsearch, Kibana, Metricbeat, and the enabling of the ML feature. This is followed by several working examples of data analysis executed on Metricbeat data to introduce the basics of the mechanics of the ML analysis jobs.

Chapter 3, Event Change Detection, goes into detail regarding the count-based analysis techniques that are at the crux of effective log file analysis.

Chapter 4, IT Operational Analytics and Root Cause Analysis, explains how leveraging Elastic ML to holistically inspect and analyze data from disparate data sources into correlated views gives the analyst a leg up in terms of legacy approaches.

Chapter 5, Security Analytics with Elastic Machine Learning, explains how anomaly detection and behavioral analytics have become a must-have feature for assisting security experts in detecting and unraveling the advanced persistent threats posed by today's cyber adversaries. Elastic ML's approach of detecting behavioral outliers fits perfectly into the strategies of those analysts who use the Elastic Stack for security-based machine data.

Chapter 6, Alerting on ML Analysis, explains the different techniques for integrating the proactive notification capability of Elastic Alerting with the insights uncovered by ML in order to make anomaly detection even more actionable.

Chapter 7, Using Elastic ML Data in Kibana Dashboards, explains how to augment your traditional Kibana dashboard visualizations with information gleaned from ML.

Chapter 8, Using Elastic ML with Kibana Canvas, covers how to create pixel-perfect live reports with real-time data analysis from ML.

Chapter 9, Forecasting, explains how Elastic ML's sophisticated time-series models can be used for more than just anomaly detection. Forecasting capabilities enable users to extrapolate trends and behaviors into the future so as to assist with use cases such as capacity planning.

Chapter 10, ML Tips and Tricks, includes a variety of practical advice topics that didn't quite fit in other chapters. These useful tidbits will help you to get the most out of Elastic ML.