[SIEM] Adds Machine Learning section to 'Using the SIEM UI' docs (#42399

) (#42521) ## Summary Adding `Anomaly Detection with Machine Learning` section to docs for new Machine Learning features. Example generated docs: ![image](https://user-images.githubusercontent.com/2946766/62312719-2a32d780-b44c-11e9-9967-4639eedf05d5.png) ### Checklist Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR. - [] ~This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~ - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md) - [x] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials - [ ] ~[Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios~ - [ ] ~This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~ ### For maintainers - [ ] ~This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~ - [ ] ~This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~
elastic · Aug 2, 2019 · ecf3fba · ecf3fba
1 parent 65258a4
commit ecf3fba
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 0 deletions.
diff --git a/docs/siem/images/ml-ui.png b/docs/siem/images/ml-ui.png
diff --git a/docs/siem/index.asciidoc b/docs/siem/index.asciidoc
@@ -50,3 +50,4 @@ SIEM can ingest and normalize events from ECS-compatible data sources.
 
 
 include::siem-ui.asciidoc[]
+include::machine-learning.asciidoc[]
diff --git a/docs/siem/machine-learning.asciidoc b/docs/siem/machine-learning.asciidoc
@@ -0,0 +1,16 @@
+[role="xpack"]
+[[machine-learning]]
+== Anomaly Detection with Machine Learning
+
+For *https://www.elastic.co/cloud/elasticsearch-service/signup[Free Trial]*
+and *https://www.elastic.co/subscriptions[Platinum License]* deployments,
+Machine Learning functionality is available throughout the SIEM app. You can
+view the details of detected anomalies within the `Anomalies` table widget
+shown on the Hosts, Network and associated Details pages, or even narrow to
+the specific daterange of an anomaly from the `Max Anomaly Score` details in
+the overview of the Host and IP Details pages. Each of these interfaces also
+offer the ability to drag and drop details of the anomaly to Timeline, such
+as the `Entity` itself, or any of the associated `Influencers`.
+
+[role="screenshot"]
+image::siem/images/ml-ui.png[Machine Learning - Max Anomaly Score]