Update ML page with anomaly detection jobs from Elastic integrations (#…

…3648) * ML page - update subsection * Update wording, test linking internal ref * Update broken link * Add url subsection * PR review * Update docs/detections/machine-learning/machine-learning.asciidoc Co-authored-by: Janeen Mikell Roberts <[email protected]> * Update docs/detections/machine-learning/machine-learning.asciidoc Co-authored-by: Benjamin Ironside Goldstein <[email protected]> * Update docs/detections/machine-learning/machine-learning.asciidoc Co-authored-by: Janeen Mikell Roberts <[email protected]> * Remove subsection in url breaking the build * Update docs/detections/machine-learning/machine-learning.asciidoc Co-authored-by: Janeen Mikell Roberts <[email protected]> * Update capitalization * Update docs/detections/machine-learning/machine-learning.asciidoc Co-authored-by: Janeen Mikell Roberts <[email protected]> * Capitalization --------- Co-authored-by: Janeen Mikell Roberts <[email protected]> Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
elastic · Aug 9, 2023 · 27cd7fe · 27cd7fe
1 parent 2d26bc5
commit 27cd7fe
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/docs/detections/machine-learning/machine-learning.asciidoc b/docs/detections/machine-learning/machine-learning.asciidoc
@@ -66,6 +66,10 @@ Or
 * Your shipped data is ECS-compliant, and {kib} is configured with the shipped
 data's index patterns in *{kib}* -> *{stack-manage-app}* -> *Data Views*.
 
+Or
+
+* You install one or more of the Advanced Analytics integrations (refer to the following section).
+
 <<prebuilt-ml-jobs>> describes all available {ml} jobs and lists which ECS
 fields are required on your hosts when you are not using {beats} or the {agent}
 to ship your data. For information on tuning anomaly results to reduce the
@@ -76,6 +80,19 @@ prior to the time they are enabled. After jobs are enabled, they continuously
 analyze incoming data. When jobs are stopped and restarted within the two-week
 time frame, previously analyzed data is not processed again.
 
+[float]
+[[ml-integrations]]
+=== Jobs in Advanced Analytics (UEBA) Elastic integrations
+
+You can also install {ml} jobs using https://docs.elastic.co/integrations[Elastic integrations]. Here are the Advanced Analytics integrations available for Security:
+
+* https://docs.elastic.co/integrations/ded[Data Exfiltration Detection]
+* https://docs.elastic.co/integrations/dga[Domain Generation Algorithm Detection]
+* https://docs.elastic.co/integrations/lmd[Lateral Movement Detection]
+* https://docs.elastic.co/integrations/problemchild[Living off the Land Attack Detection]
+
+To learn more about {ml} jobs enabled by these integrations, refer to the https://www.elastic.co/guide/en/security/current/prebuilt-ml-jobs.html[Prebuilt jobs page].
+
 [float]
 [[view-anomalies]]
 == View detected anomalies