IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Auditbeat anomaly detection configurations Metricbeat anomaly detection configurations »
Elastic Docs Machine Learning in the Elastic Stack [7.8] Anomaly detection Supplied anomaly detection configurations

Logs anomaly detection configurations

edit

Logs anomaly detection configurations

edit

These anomaly detection jobs appear by default in the Logs app in Kibana. For more details, see the datafeed and job definitions in the logs_ui_* folders in GitHub.

log_entry_categories_count
  • For log entry categories via the Logs UI.
  • Models the occurrences of log events (partition_field_name is event.dataset).
  • Detects anomalies in count of log entries by category (using the count function).
log_entry_rate
  • For log entries via the Logs UI.
  • Models ingestion rates (partition_field_name is event.dataset).
  • Detects anomalies in the log entry ingestion rate (using the low_count function).
« Auditbeat anomaly detection configurations Metricbeat anomaly detection configurations »