Elastic{ON}Tour Tokyo 2017 - Machine Learning D...

December 14, 2017

800

Elastic{ON}Tour Tokyo 2017 - Machine Learning Deep Dive

5.5でリリースされたMachine Learningは時系列データの異常検知を可能にしました。本セッションでは、NGINXログの投入から、情報付加、可視化、分析、そして異常の予測まで、Elastic Stackを利用した手順をご覧いただきます。

Sophie Chang | Machine Learning Team Lead | Elastic
Kosho Owa| Solution Architect | Elastic

Elastic Co

December 14, 2017

Tweet

More Decks by Elastic Co

See All by Elastic Co

Les Vendredis noirs : même pas peur ! - Breizhcamp

15

860

Confoo Montreal: Ingest node: enriching documents within Elasticsearch

16

840

Elastic{ON} 2018 - Sipping from the Firehose: Scalable Endpoint Data for Incident Response

6

4.2k

Elastic{ON} 2018 - A Security Analytics Platform for Today

3

11k

Elastic{ON} 2018 - The State of Geo in Elasticsearch

7

12k

Elastic{ON} 2018 - Reliable by design - Applying formal methods to distributed systems

5

4.7k

Elastic{ON} 2018 - Bigger, Faster, Stronger - Leveling Up Enterprise Logging

1

5k

Elastic{ON} 2018: Latest in Logstash

1

4.5k

Elastic{ON} 2018 - Lessons Learned from Workday's Search Application Journey from POC to Production

2

2.4k

Other Decks in Technology

See All in Technology

Amazon Personalizeのレコメンドシステム構築、実際何するの？〜大体10分で具体的なイメージをつかむ〜

1

100

ドメイン名の終活について - JPAAWG 7th -

33

20k

誰も全体を知らない～ロールの垣根を超えて引き上げる開発生産性 / Boosting Development Productivity Across Roles

1

220

AWS Media Services 最新サービスアップデート 2024

0

200

Why App Signing Matters for Your Android Apps - Android Bangkok Conference 2024

0

120

障害対応指揮の意思決定と情報共有における価値観 / Waroom Meetup #2

5

470

OCI Vault 概要

oracle4engineer

0

9.7k

社内で最大の技術的負債のリファクタリングに取り組んだお話し

1

550

TypeScriptの次なる大進化なるか！？　条件型を返り値とする関数の型推論

2

1.6k

リンクアンドモチベーションソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers

4

300k

フルカイテン株式会社採用資料

0

40k

安心してください、日本語使えますよ―Ubuntu日本語Remix提供休止に寄せて― 2024-11-17

1

990

Featured

See All Featured

Thoughts on Productivity

67

4.3k

RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub

131

33k

Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End

250

21k

A designer walks into a library…

pauljervisheath

203

24k

Stop Working from a Prison Cell

267

20k

What’s in a name? Adding method to the madness

productmarketing

22

3.1k

It's Worth the Effort

183

27k

Ruby is Unlike a Banana

97

11k

How to train your dragon (web standard)

88

5.7k

Making the Leap to Tech Lead

133

8.9k

The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024

16

2.1k

Save Time (by Creating Custom Rails Generators)

27

840

Transcript

Sophie Chang, Team Lead, Machine Learning Kosho Owa, Solution Architect
Machine Learning Deep Dive
None
3 Anomaly Detection in Time Series Data
4 Anomalies == Trouble 2017-02-27 9:37am
5
6 IT Operational Analytics
7 DNS Are there signs of data exfiltration? packetbeat Traffic
Is one of my users an insider threat? metricbeat Auth Logs Is a brute- force attack underway? filebeat Security Analytics
8 Unusual spike in user latency Server woes or regional
outage Rare event from sensor Failing device Metrics
9 Dashboards aren’t enough
10 Rules Don’t Scale • Where do you set the
threshold? • Who updates the rules? • False positives are costly
11 It All Begins with Data Discovering information in NGINX
logs 68.75.44.178, 172.68.146.54, 127.0.0.1 - - [15/May/ 2017:12:16:27 +0200] "GET /sites/default/files/styles/ company_profile_cover_crop/public/1500x500_1_10.jpg? itok=RUgim2UQ&sc=297009042628d7de3f0eb50e807d29e4 HTTP/1.1" 200 92763 "https://www.startus.cc/company/finleap" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36”
12 Ingest, Enrich, Visualize, Analyze, Alert Elasticsearch X-pack Master Nodes
(3) Ingest Nodes (X) Data Nodes - Hot (X) Data Nodes - Warm (X) Beats Log Files Metrics Wire Data your(beat) Filebeat Module NGINX Kibana X-pack Instances (X)
Demo
14
15
16
17
Thank You