Prelert Behavioral Analytics for the Elastic Stack Beta

Extend the power of the Elastic Stack with Prelert’s automated behavioral analytics

Behavioral analytics for IT security and operations teams

Prelert Behavioral Analytics for the Elastic Stack analyzes log data residing in Elasticsearch, finds anomalies within the data and links them together, letting your data tell the story behind advanced cyberthreats and IT performance problems. Using automated machine learning-based analytics, Prelert enables:

Early Detection of Incidents

Detect advanced threat activity such as data exfiltration and command and control communication in near real-time. Identify IT security and operations problems before users report them, and catch issues that directly affect business KPIs.

Faster Root Cause Discovery

Find the root cause of anomalies faster. Get the full story behind cyberthreats, IT ops issues, and business disruptions with algorithms that learn minute-to-minute what is normal for your environment. Involve fewer people in triage and get answers fast.

Reduced False Positives

Because Prelert’s analytics run on log data from a broad set of sources, they are able to consider more context than monitoring tools that rely on a single source. This additional context helps to significantly reduce false positives.

Behavioral Analytics for the Elastic Stack Beta: Let Your Data Tell the Story

Prelert helps you automate the analysis of massive Elasticsearch data sets, eliminating manual effort and human error. Running as a Kibana app, Prelert is tightly integrated into the Elastic Stack, and anomaly results are displayed in Kibana dashboards. It’s easy to download and deploy in minutes—no data import or export required.


  • Runs as a Kibana app
  • Extends Elasticsearch with Prelert’s advanced behavioral analytics
  • Identifies anomalous behavior patterns in near real-time
  • Minimizes requirements for domain expertise
  • Offers advanced insights to help solve the most complex issues
  • Compatible with other Elastic products like Shield and Watcher
  • Easy to download and deploy in minutes

Sample Use Cases

Security Analytics

  • Detect DNS Data Exfiltration (Tunneling) in DNS Query Requests
  • Detect Suspicious Network Activity (App-Port) in Firewall Logs
  • Detect Suspicious Login Activity in Endpoint Detection and Response Logs

IT Operations

  • Analyze Operational Metrics
  • Discover Root Cause
  • Track Business KPIs

Retail Order Analytics

  • Detect Revenue-Impacting Events
  • Accurately Model Periodic Behaviors
  • Find Operational, Process-Related, or Externally-Created Issues

Automate data analysis, eliminate manual effort, and reduce human error.