IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Advanced Entity Analytics
Advanced Entity Analytics generates a set of threat detection and risk analytics that allows you to expedite alert triage and hunt for new threats from within an entity’s environment. This feature combines the power of the SIEM detection engine and Elastic’s machine learning capabilities to identify unusual user behaviors and generate comprehensive risk analytics for hosts and users.
Advanced Entity Analytics provides two key capabilities: