- Machine Learning: other versions:
- What is Elastic Machine Learning?
- Setup and security
- Anomaly detection
- Finding anomalies
- Tutorial: Getting started with anomaly detection
- Advanced concepts
- API quick reference
- How-tos
- Generating alerts for anomaly detection jobs
- Aggregating data for faster performance
- Altering data in your datafeed with runtime fields
- Customizing detectors with custom rules
- Detecting anomalous categories of data
- Performing population analysis
- Reverting to a model snapshot
- Detecting anomalous locations in geographic data
- Mapping anomalies by location
- Adding custom URLs to machine learning results
- Anomaly detection jobs from visualizations
- Exporting and importing machine learning jobs
- Resources
- Function reference
- Supplied configurations
- Apache anomaly detection configurations
- APM anomaly detection configurations
- Auditbeat anomaly detection configurations
- Logs anomaly detection configurations
- Metricbeat anomaly detection configurations
- Metrics anomaly detection configurations
- Nginx anomaly detection configurations
- Security anomaly detection configurations
- Uptime anomaly detection configurations
- Data frame analytics
- Natural language processing
This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
Finding anomalies in time series data
editFinding anomalies in time series data
editThe machine learning anomaly detection features automate the analysis of time series data by creating accurate baselines of normal behavior in your data. These baselines then enable you to identify anomalous events or patterns. Data is pulled from Elasticsearch for analysis and anomaly results are displayed in Kibana dashboards. For example, the Machine Learning app provides charts that illustrate the actual data values, the bounds for the expected values, and the anomalies that occur outside these bounds.
The typical workflow for performing anomaly detection is as follows:
Was this helpful?
Thank you for your feedback.