The machine learning anomaly detection features automate the analysis of time series data by creating accurate baselines of normal behavior in your data. These baselines then enable you to identify anomalous events or patterns. Data is pulled from Elasticsearch for analysis and anomaly results are displayed in Kibana dashboards. For example, the Machine Learning app provides charts that illustrate the actual data values, the bounds for the expected values, and the anomalies that occur outside these bounds.
The typical workflow for performing anomaly detection is as follows:
Intro to Kibana
ELK for Logs & Metrics