Anomaly Detection with Machine Learning

For Free Trial and Platinum License deployments, Machine Learning functionality is available throughout the SIEM app. You can view the details of detected anomalies within the Anomalies table widget shown on the Hosts, Network and associated Details pages, or even narrow to the specific daterange of an anomaly from the Max Anomaly Score details in the overview of the Host and IP Details pages. Each of these interfaces also offer the ability to drag and drop details of the anomaly to Timeline, such as the Entity itself, or any of the associated Influencers.

Machine Learning - Max Anomaly Score