Machine learning job and rule requirements
editMachine learning job and rule requirements
editTo run and create machine learning jobs and rules, you need all of these:
- The appropriate license
- There must be at least one machine learning node in your cluster
-
The
machine_learning_admin
user role
Additionally, to configure alert suppression for machine learning rules, your role needs the following index privilege:
-
read
permission for the.ml-anomalies-*
index
For more information, go to Set up machine learning features.
The machine_learning_admin
and machine_learning_user
built-in roles give
access to the results of all anomaly detection jobs, irrespective of whether the user
has access to the source indices. Likewise, a user who has full or read-only
access to machine learning features within a given Kibana space can view the results of all
anomaly detection jobs that are visible in that space. You must carefully consider who
is given these roles and feature privileges; anomaly detection job results may propagate
field values that contain sensitive information from the source indices to the
results.