Hi, I am doing a small side project and this is my first time diving into Elastic Security. I have read several pieces of documentation; however, they don't clarify my doubt, so I am asking here instead. So my question is:
Is it possible to use/load a custom Machine Learning Model (to detect threats) on Elastic Security that will be running against my ingested logs (currently already available under Observability > Logs) so that alerts can be generated? To my understanding, custom ML models can be used by using Eland; however, how do I incorporate it into Elastic Security? Appreciate any help.
Hi, thank you for the reply. Oh, not really referring to the integration because, if my understanding is correct, the Elastic Defend integration does live 'monitoring' on each particular agent, right? But what I already have is a bunch of baseline & malicious logs that have already been ingested into Elastic from a simulated environment I created (and I am no longer ingesting anything in real time) that I would want to run against a custom ML model and then make use of the Elastic Security dashboard/alerts feature to show the findings. Not too sure if it's a plausible use case of Elastic Security, thus wanting to find out.