Machine Learning (Beta)

It Catches What You Might Miss, All by Itself

Complex, fast-moving datasets make it nearly impossible to spot infrastructure problems, intruders, or business issues as they happen using rules or humans looking at dashboards. X-Pack machine learning features automatically model the behavior of your Elasticsearch data — trends, periodicity, and more — in real time to identify issues faster, streamline root cause analysis, and reduce false positives.

Get started with automated anomaly detection using X-Pack.

The wait is over! Machine learning (beta) for the Elastic Stack is here.

Go Beyond the Obvious in Your Data

The Elastic Stack is brilliant at quickly answering questions such as, "what are the hourly requests per second over the last week?" and visualizing results in real time. But what if you want to dig deeper and ask "is there something unusual going on?" and "what's causing this?"

X-Pack machine learning features make that possible and apply to a broad range of use cases and datasets, allowing you to get creative with where and how you use them.

IT Operations: Spot an unusual drop in application requests, then drill in on the troublesome server contributing to the problem.

Security Analytics: Identify unusual network activity or user behavior to pinpoint attackers before they do damage.

Business Analytics: Get notified if there is an unusual increase in abandoned shopping carts in your ecommerce site.

Looking for examples to get started with machine learning on common use cases? Check out these machine learning recipes.

Automatically Model the Complexity of the Real World

Blog traffic dips on nights and weekends. Popular products have increasing sales over time. Location and time of day impact conversion rates. X-Pack machine learning features learn the normal behavior of your data, all by themselves.

Skip defining rules, specifying thresholds, or manually building out statistical models. Our machine learning features make it easy to start identifying anomalies. Just describe the data you're interested in analyzing (requests per second) and what other properties might influence it (server, IP, username), and that's it. The model begins baselining what’s normal, so it can detect what isn't.

Detect All Kinds of Anomalies

X-Pack machine learning features push the boundaries of what you can uncover in your Elasticsearch data. Know when a specific metric, like requests per second, starts to deviate from the norm. Detect outliers in a population by building a profile of a “typical” user or machine to know when one starts to stray from the pack. Categorize log messages to learn what’s normal for a given group and surface rare events or unusual types of messages.

Orient to Problems Faster to Pinpoint the Root Cause

Knowing there's a problem is great. Understanding why it's happening is better.

Once an anomaly is detected, X-Pack machine learning features make it easy to identify the properties that significantly influenced it. For instance, if there's an unusual drop in transactions, you can quickly identify the failing server or misconfigured switch causing the problem.

With the ability to zero in on and correlate events across different data types and machine learning jobs — log messages, network traffic, metrics, etc. — you can resolve the issue at hand faster and get back to business as usual.

The More X-Pack Learns, The More You Learn.

Try it now. Create your first machine learning job to find the unusual, the weird, the atypical.
