You are looking at preliminary documentation for a future release.
Not what you want? See the
current release documentation.
Appendix C: Auditbeat anomaly detection configurationsedit
These anomaly detection job wizards appear in Kibana if you use Auditbeat to audit process activity on your systems. For more details, see the datafeed and job definitions in GitHub.
Auditbeat docker processesedit
Detect unusual processes in docker containers from auditd data (ECS).
These configurations are only available if data exists that matches the recognizer query specified in the manifest file.