Set up machine learning features

edit

To use the Elastic Stack machine learning features, you must have the appropriate subscription and at least one machine learning node in your cluster.

If Elastic Stack security features are enabled, you must also ensure your users have the necessary privileges. If the operator privileges feature is enabled, there are some machine learning settings that can be updated only by operator users.

The fastest way to get started with machine learning features is to start a free 14-day trial of Elasticsearch Service in the cloud.

Machine learning nodes

edit

To use machine learning features, there must be at least one machine learning node in your cluster. A machine learning node is a node that has xpack.ml.enabled set to true and ml in node.roles.

If nodes do not have the machine learning role, they cannot run machine learning jobs. If xpack.ml.enabled is true, however, they can service API requests. For more information, see Machine learning nodes and Machine learning settings in Elasticsearch.

Security privileges

edit

Elasticsearch security privileges

edit

The Elastic Stack security features provide roles and privileges that make it easier to control which users can manage or view machine learning objects such as jobs, datafeeds, results, and model snapshots.

If you use machine learning APIs, you must have the machine_learning_admin or machine_learning_user built-in roles or the equivalent cluster privileges and the following index privileges:

For full access:

  • read and view_index_metadata on source indices
  • read, manage, and index on destination indices (for data frame analytics jobs only)

For read-only access:

  • read index privileges on source indices
  • read index privileges on destination indices (for data frame analytics jobs only)

Kibana privileges

edit

In Kibana, the machine learning features must be visible in your space and your source index patterns must exist in the same space as your machine learning jobs.

Kibana enables you to control access to the machine learning features within each space. You can manage your roles, privileges, and spaces in the Stack Management app in Kibana. For more information, see Security privileges and Kibana privileges.

The machine_learning_admin and machine_learning_user roles grant access to the machine learning features in all Kibana spaces. Therefore, when you use Kibana, use custom roles instead and set your Kibana privileges appropriately for each space.

For full access to the machine learning features in Kibana, you must have:

  • all Kibana privileges for the machine learning features in the appropriate spaces
  • read and view_index_metadata index privileges on source indices
  • read, manage, and index index privileges on destination indices (for data frame analytics jobs only)

For read-only access to the machine learning features in Kibana, you must have:

  • read Kibana privileges for the machine learning features in the appropriate spaces
  • read index privileges on source indices
  • read index privileges on destination indices (for data frame analytics jobs only)

To upload files in Kibana with the File Data Visualizer, you must have:

  • all Kibana privileges for the Machine Learning or Discover features in the appropriate spaces. Alternatively, read Kibana privileges for the Machine Learning feature and all Kibana privileges for the Index Pattern Management feature
  • manage_pipeline or manage_ingest_pipelines cluster privileges
  • create, create_index, manage and read index privileges for destination indices

You cannot limit access to specific machine learning objects in each space. If the machine learning feature is visible in your space and you have read or all Kibana privileges for the feature, you have access to all machine learning objects in that space.