Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Machine Learning with the Elastic Stack Expert techniques to integrate machine learning with distributed search and analytics

Product type Paperback

Published in Jan 2019

Publisher Packt

ISBN-13 9781788477543

Length 304 pages

Edition 1st Edition

Tools

Elasticsearch

Concepts

Machine Learning

Authors (2):

Bahaaldine Azarmi

Rich Collier

View More author details

Table of Contents (12) Chapters

Preface

Machine Learning for IT FREE CHAPTER

Installing the Elastic Stack with Machine Learning

Event Change Detection

IT Operational Analytics and Root Cause Analysis

Security Analytics with Elastic Machine Learning

Alerting on ML Analysis

Using Elastic ML Data in Kibana Dashboards

Using Elastic ML with Kibana Canvas

Forecasting

ML Tips and Tricks

Other Books You May Enjoy

Leave a review - let other readers know what you think

Threat hunting architecture

In this section, we'll go through the basic building blocks of a threat hunting architecture structure. These include a multiple ingestion layer starting with Beats to collect the data from different sources and Logstash to enrich the data for threat intelligence. Once the data has been properly prepared, the next step will be to focus on the investigation analytics.

Layer-based ingestion

A threat hunting architecture relies on rich and reliable data ingestion that will allow you to detect and investigate anomalous behaviors. In our scenario, we need to use both data coming from end user workstations and data coming from the network. Luckily, we have Packetbeat and Winlogbeat, which capture...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Rich Collier

Rich Collier is a solutions architect at Elastic. Joining the Elastic team from the Prelert acquisition, Rich has over 20 years' experience as a solutions architect and pre-sales systems engineer for software, hardware, and service-based solutions. Rich's technical specialties include big data analytics, machine learning, anomaly detection, threat detection, security operations, application performance management, web applications, and contact center technologies. Rich is based in Boston, Massachusetts.

See other products by Rich Collier

Bahaaldine Azarmi

Bahaaldine Azarmi, or Baha for short, is the head of solutions architecture in the EMEA South region at Elastic. Prior to this position, Baha co-founded ReachFive, a marketing data platform focused on user behavior and social analytics. He has also worked for a number of different software vendors, including Talend and Oracle, where he held positions as a solutions architect and architect. Prior to Machine Learning with the Elastic Stack, Baha authored books including Learning Kibana 5.0, Scalable Big Data Architecture, and Talend for Big Data. He is based in Paris and holds an MSc in computer science from Polytech'Paris.

See other products by Bahaaldine Azarmi