Introducing transforms in Elastic machine learning

Steve Dodson

Distinguished Engineer II

Elastic

Tom Grabowski

Principal Product Manager

Elastic

Version 7.3 of the Elastic Stack introduced a powerful new feature — continuous index transforms! Transforms let you convert existing Elasticsearch indices into new summarized secondary indices, which opens doors to new insights and analytics. In the beta release, you can utilize pivot transforms to create entity-centric indices that summarize behavior by entity.

Highlights:

• How to create entity-centric indices for tracking user behavior
• Demo of transaction transform for multi-event tracking
• Understand when transforms can be useful
• Review the new transforms UI in Kibana and Elasticsearch APIs

Additional resources:

• Webinar Slides
• Training: Elastic Machine Learning for Cybersecurity
• Documentation:   
  • Data frame transforms 
  • Data frame transforms Kibana UI
  • Helpful examples for getting started
  • Webinar data and commands
• Videos:
  • Web Access Logs in Elasticsearch and Machine Learning
  • Time Series Anomaly Detection - Optimizing your Machine Learning Jobs in Elasticsearch

Want to try it for yourself? Take data frames for a spin with a free trial of our Elasticsearch Service