Custom Machine Learning Model on Elastic Security

Hi, I am doing a small side project and this is my first time diving into Elastic Security. I read several pieces of documentation; however, they don't clarify my doubt, so I am asking here instead. So my question is:

Is it possible to use/load a custom Machine Learning Model (to detect threats) on Elastic Security that will be running against my ingested logs (currently already available under Observability > Logs) so that alerts can be generated? To my understanding, custom ML Models can be used by using Eland; however, how do I incorporate it into Elastic Security? Appreciate any help.

Thank you.

If I understand your question correctly, you want to have a custom ML model loaded in Elastic Agent's Defend integration on your hosts.

This is not supported to my knowledge.

Hi, thank you for the reply. Oh, I'm not really referring to the integration because, if my understanding is correct, the Elastic Defend integration does live 'monitoring' on each particular agent, right? But what I already have is a bunch of baseline & malicious logs that have already been ingested into Elastic from a simulated environment I created (and I am no longer ingesting anything in real time) that I would want to run against a custom ML model and then make use of the Elastic Security dashboard/alerts feature to show the findings. Not too sure if it's a plausible use case of Elastic Security, thus wanting to find out.

Any updates on this? Thanks.
