Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Machine Learning Deep Dive

Elastic Co
December 12, 2017
Technology
0
4.7k

Machine Learning Deep Dive

GA'ed in 5.5, machine learning can uncover insights from your data automatically. This session walks you through using the Elastic Stack to ingest, enrich, visualize, analyze, and alert on NGINX logs to detect and eventually predict anamolies in your data.

5.5 버전부터 Machine Learning을 통해 데이터에 대한 인사이트를 자동적으로 얻을 수 있습니다. 본 세션에서는 Elastic Stack을 사용하여 NGINX 로그를 수집, 강화, 시각화, 분석하고 이에 대한 알람을 설정하여 이상 징후를 예측하는 방법에 대해 배우실 수 있습니다.

Sophie Chang | Machine Learning Team Lead | Elastic

Elastic Co

December 12, 2017
Tweet

More Decks by Elastic Co

See All by Elastic Co
Les Vendredis noirs : même pas peur ! - Breizhcamp
elastic
15
860
Confoo Montreal: Ingest node: enriching documents within Elasticsearch
elastic
16
840
Elastic{ON} 2018 - Sipping from the Firehose: Scalable Endpoint Data for Incident Response
elastic
6
4.2k
Elastic{ON} 2018 - A Security Analytics Platform for Today
elastic
3
11k
Elastic{ON} 2018 - The State of Geo in Elasticsearch
elastic
7
12k
Elastic{ON} 2018 - Reliable by design - Applying formal methods to distributed systems
elastic
5
4.7k
Elastic{ON} 2018 - Bigger, Faster, Stronger - Leveling Up Enterprise Logging
elastic
1
5k
Elastic{ON} 2018: Latest in Logstash
elastic
1
4.5k
Elastic{ON} 2018 - Lessons Learned from Workday's Search Application Journey from POC to Production
elastic
2
2.4k

Other Decks in Technology

See All in Technology
TanStack Routerに移行するのかい しないのかい、どっちなんだい! / Are you going to migrate to TanStack Router or not? Which one is it?
kaminashi
0
590
Shopifyアプリ開発における Shopifyの機能活用
sonatard
4
250
マルチモーダル / AI Agent / LLMOps 3つの技術トレンドで理解するLLMの今後の展望
hirosatogamo
37
12k
Lambdaと地方とコミュニティ
miu_crescent
2
370
AWS Media Services 最新サービスアップデート 2024
eijikominami
0
200
AIチャットボット開発への生成AI活用
ryomrt
0
170
なぜ今 AI Agent なのか _近藤憲児
kenjikondobai
4
1.4k
BLADE: An Attempt to Automate Penetration Testing Using Autonomous AI Agents
bbrbbq
0
300
生成AIが変えるデータ分析の全体像
ishikawa_satoru
0
100
フルカイテン株式会社 採用資料
fullkaiten
0
40k
Evangelismo técnico: ¿qué, cómo y por qué?
trishagee
0
360
個人でもIAM Identity Centerを使おう!(アクセス管理編)
ryder472
3
200

Featured

See All Featured
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.3k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k
A Philosophy of Restraint
colly
203
16k
We Have a Design System, Now What?
morganepeng
50
7.2k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.1k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
Ruby is Unlike a Banana
tanoku
97
11k
Producing Creativity
orderedlist
PRO
341
39k
What's in a price? How to price your products and services
michaelherold
243
12k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
250
21k
Building Applications with DynamoDB
mza
90
6.1k

Transcript

  1. Sophie Chang Team Lead, Machine Learning Machine Learning Deep Dive

  2. None

  3. 3 Anomaly Detection in Time Series Data

  4. 4 Anomalies == Trouble 2017-02-27 9:37am

  5. 5

  6. 6 IT Operational Analytics

  7. 7 DNS Are there signs of data exfiltration? packetbeat Traffic

    Is one of my users an insider threat? metricbeat Auth Logs Is a brute- force attack underway? filebeat Security Analytics

  8. 8 Unusual spike in user latency Server woes or regional

    outage Rare event from sensor Failing device Metrics

  9. 9 Dashboards aren’t enough

  10. 10 Rules Don’t Scale • Where do you set the

    threshold? • Who updates the rules? • False positives are costly

  11. 11 It All Begins with Data Discovering information in NGINX

    logs 68.75.44.178, 172.68.146.54, 127.0.0.1 - - [15/May/ 2017:12:16:27 +0200] "GET /sites/default/files/styles/ company_profile_cover_crop/public/1500x500_1_10.jpg? itok=RUgim2UQ&sc=297009042628d7de3f0eb50e807d29e4 HTTP/1.1" 200 92763 "https://www.startus.cc/company/finleap" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36”

  12. 12 Ingest, Enrich, Visualize, Analyze, Alert Elasticsearch X-pack Master Nodes

    (3) Ingest Nodes (X) Data Nodes - Hot (X) Data Nodes - Warm (X) Beats Log Files Metrics Wire Data your(beat) Filebeat Module NGINX Kibana X-pack Instances (X)

  13. Demo

  14. Thank You