You're reading from Getting Started with Elastic Stack 8.0 Run powerful and scalable data platforms to search, observe, and secure your organization

Product type Paperback

Published in Mar 2022

Publisher Packt

ISBN-13 9781800569492

Length 474 pages

Edition 1st Edition

Tools

Elasticsearch

Concepts

Enterprise Search

Author (1):

Asjad Athick

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: Core Components

2. Chapter 1: Introduction to the Elastic Stack FREE CHAPTER

3. Chapter 2: Installing and Running the Elastic Stack

4. Section 2: Working with the Elastic Stack

5. Chapter 3: Indexing and Searching for Data

6. Chapter 4: Leveraging Insights and Managing Data on Elasticsearch

7. Chapter 5: Running Machine Learning Jobs on Elasticsearch

8. Chapter 6: Collecting and Shipping Data with Beats

9. Chapter 7: Using Logstash to Extract, Transform, and Load Data

10. Chapter 8: Interacting with Your Data on Kibana

11. Chapter 9: Managing Data Onboarding with Elastic Agent

12. Section 3: Building Solutions with the Elastic Stack

13. Chapter 10: Building Search Experiences Using the Elastic Stack

14. Chapter 11: Observing Applications and Infrastructure Using the Elastic Stack

15. Chapter 12: Security Threat Detection and Response Using the Elastic Stack

16. Chapter 13: Architecting Workloads on the Elastic Stack

17. Other Books You May Enjoy

Summary

In this chapter, we looked at applying supervised and unsupervised machine learning techniques on data in Elasticsearch for various use cases.

First, we explored the use of unsupervised learning to look for anomalous behavior in time series data. We used single-metric, multi-metric, and population jobs to analyze a dataset of web application logs to look for potentially malicious activity.

Next, we looked at the use of supervised learning to train a machine learning model for classifying to classify requests to the web application as malicious using features in the request (primarily the HTTP request/response size values).

Finally, we looked at how the inference processor in ingest pipelines can be used to run continuous inference using a trained model for new data.

In the next chapter, we will move our focus to Beats and their role in the data pipeline. We will look at how different types of events can be collected by Beats agents and sent to Elasticsearch or Logstash...