Blog Entries

02. 10. 2024 Davide Sbetti Log Management, Log-SIEM, Machine Learning, NetEye

Perform KNN Classification Using Elasticsearch

Hey everyone! We played around a bit last time with our radar data to build a model that we could train outside Elasticsearch, loading it through Eland and then applying it using an ingest pipeline. But since our data is in the form of vectors, could we actually exploit Elasticsearch vector database functionality and perform…

12. 08. 2024 Davide Sbetti AI, Artificial Intelligence, Log-SIEM, Machine Learning, NetEye

Bring Your Own Model – Using Custom Models in Elasticsearch

Hey everyone! As you may remember, we took a look in the past at how it’s possible to use a model (trained directly in Elasticsearch) to perform some real time classification by using an ingest pipeline. But… what if we wanted to use our own externally trained model? Well the good news is that, under…

28. 12. 2023 Davide Sbetti Log-SIEM, Machine Learning

Semantic Search in Elasticsearch – Testing Our NetEye Guide: Adding the LLM ingredient

You weren’t expecting a part three of this series, right? Well honestly, me neither. But after working together with you on the POC where we firstly crawled the NetEye Guide and applied ELSER to the resulting documents, and then we exploited its semantic search capabilities in the NetEye Guide search, we asked ourselves, what if…

09. 10. 2023 Davide Sbetti Log-SIEM, Machine Learning, NetEye

Semantic Search in Elasticsearch – Testing Our NetEye Guide: Can We Improve the Search Experience? (Part 2) 

In my previous blog post, we saw how it’s possible to index some documents that we created by crawling our NetEye User Guide, then applying the ELSER model in Elasticsearch to create a bag of words for searching that takes into account the context of the various documents. Moreover, we also performed a simple query…

03. 10. 2023 Davide Sbetti Log-SIEM, Machine Learning, NetEye

Semantic Search in Elasticsearch – Testing Our NetEye Guide: Can We Improve the Search Experience? (Part 1)

Once upon a time (in fact it was just a month ago, but it sounds more dramatic this way) I had the opportunity to attend a webinar about Vector Search, Generative AI, and modern NLP by the Elastic Team. One of the topics that was touched on during the webinar was ELSER, Elastic’s new…

13. 12. 2022 Davide Sbetti Log-SIEM, Machine Learning

Building a Dashboard in Kibana to Keep Track of Your Smart Ingest Pipeline

In a previous article, we used NetEye and Elasticsearch to train a machine learning model able to classify documents about some collected radar signals, separating them into two categories (good vs bad), starting from an existing dataset. Afterwards, we applied it to new incoming documents using an Ingest Pipeline and the Inference Processor. Taking as…

19. 09. 2022 Davide Sbetti Log-SIEM, Machine Learning

Elasticsearch ML Models and Inference: Real-Time Classification

In a previous article, we explored the Machine Learning capabilities of Elasticsearch, which allowed us to apply anomaly detection techniques to our data, and helped us discover some really interesting facts as a result of our analysis. But can we take that idea even further? For instance, could we use data we’ve already collected to…

29. 03. 2022 Davide Sbetti Machine Learning, NetEye

Data Exploration in Kibana: from a Simple Visualization to Anomaly Detection

These days we live in a data-driven world, where the collection and analysis of data empowers not only companies but also individuals to plan future actions based on the information that is extracted. NetEye enables both the collection and analysis of an enormous amount of data using various platforms, such as Kibana, for data written…

22. 03. 2022 Tobias Goller Icinga Web 2, Machine Learning, NetEye

Performance Metrics Collection from NetEye to Elastic

Today my objective is to collect the performance metrics from various NetEye Icinga checks and write them out to Elasticsearch so I can apply Machine Learning (ML) algorithms to identify potential anomalies. This is a task that’s not possible with the open-source version of InfluxDB installed in NetEye. Moreover, this data in Elastic is used…

19. 05. 2020 Nicola Degara Anomaly Detection, Log Management, Machine Learning, NetEye, Unified Monitoring, Webinar

Neteye SIEM: processes and tools for IT Services Security 🇮🇹

Talking about IT security is now clearly synonymous with resilience! We are continuously and inevitably under attack… every organization must implement defensive principles and practices that avoid the worst damage and the least impact on its survival and development. From the data selection, to its collection and normalization, for its representation and analysis with techniques…

17. 10. 2019 Tobias Goller ITOA, Log-SIEM, Machine Learning, NetEye

Experiences with Netflow and Machine Learning in Elastic

Some time ago I was able to use the machine learning functionality in Elastic for the first time. I was astonished at how easy it is to use, and how fast it calculates historical data. In my particular case, I loaded Netflow data into the Elastic database. I wanted to use this data to evaluate…

02. 08. 2017 Susanne Greiner Anomaly Detection, Machine Learning, NetEye, Real User Experience

Next Level Performance Monitoring – Part II: The Role of Machine Learning and Anomaly Detection

Machine learning and anomaly detection are being mentioned with increasing frequency in performance monitoring. But what are they and why is interest in them rising so quickly?

From Statistics to Machine Learning

There have been several attempts to explicitly differentiate between machine learning and statistics. It is not so easy to draw a line between…

08. 06. 2015 Susanne Greiner Machine Learning, Real User Experience

Statistics and Machine Learning Techniques for RUE

In the age of the cloud the optimization of real end-user experience (RUE) is getting essential for success. On the one hand users expect applications to work faultlessly independent of the time, location, and device one is using them from. Application performance monitoring (APM) is therefore often based on RUE performance metrics. On the other…
