ML-HostRiskScore-20210728-1

Pre-release
@brokensound77 brokensound77 released this 28 Jul 18:56
· 1475 commits to main since this release
7040538

For details, see: https://github.com/elastic/detection-rules/tree/main/docs/experimental-machine-learning


Changelog

This is the first release package for Host Risk Score. It consists of the following:

  • Scripts, ingest pipelines and transforms used to calculate and update risk scores across all hosts in your environment
  • dashboards.ndjson, which contains all the assets required for two dashboards: "Current Risky Hosts", which shows the Top 20 currently suspicious hosts in your environment, and "Host Risk Drilldown", which shows a more detailed breakdown of the various types of activity taking place on hosts in your environment