ueba train


get /connection-manager/api/v1/ueba/datasets

Get the list of dataset objects, with the option to filter the training history.

logs

boolean

Include pandas and TensorFlow log output.

Default
false

bin_count

int

Number of bins to return from the training history.

Default
50

Response


Successful request, respond with a list of dataset objects

{
  "count": 123,
  "items": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "last_training": "2023-06-07T17:32:28Z",
      "is_active": true,
      "use_for_inference_once_trained": true,
      "time_range_settings": {
        "start": "2023-06-07T17:32:28Z",
        "end": "2023-06-07T17:32:28Z",
        "exclude": [
          {
            "start": "2023-06-07T17:32:28Z",
            "end": "2023-06-07T17:32:28Z"
          }
        ]
      },
      "training_results": [
        {
          "created": "2023-06-07T17:32:28Z",
          "feature_config_name": "string",
          "status": "TRAINING",
          "error_code": "string",
          "error_details": "string",
          "num_connections": 123,
          "mean": 123.0,
          "std": 123.0,
          "quantile_99": 123.0,
          "quantile_999": 123.0,
          "training_log": "string",
          "training_dataset_loss": [
            123.0
          ],
          "validation_dataset_loss": [
            123.0
          ],
          "validation_dataset_histogram": {
            "hist": [
              123.0
            ],
            "bin_edges": [
              123.0
            ]
          }
        }
      ],
      "comment": "string",
      "created": "2023-06-07T17:32:28Z",
      "created_by": "string",
      "updated": "2023-06-07T17:32:28Z",
      "updated_by": "string"
    }
  ]
}

post /connection-manager/api/v1/ueba/datasets

Save a new dataset definition. Note that training requires a separate action.

id

string

uuid

last_training

string

date-time

Last successful training reported by the UEBA server.

is_active

boolean

If set, this is the dataset on which inference is based.

use_for_inference_once_trained

boolean

An admin can set UEBA to take the results into use automatically after training has completed. Note that this toggles the is_active bits once training is done, as needed.

Default
false

time_range_settings

object (time_range_settings)

required

Definition of the time interval(s) from which connection data is fetched from the database for training.

training_results

array[object]

comment

string

A comment describing the dataset

created

string

date-time

created_by

string

updated

string

date-time

updated_by

string

Request

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002",
  "last_training": "2023-06-07T17:32:28Z",
  "is_active": true,
  "use_for_inference_once_trained": true,
  "time_range_settings": {
    "start": "2023-06-07T17:32:28Z",
    "end": "2023-06-07T17:32:28Z",
    "exclude": [
      {
        "start": "2023-06-07T17:32:28Z",
        "end": "2023-06-07T17:32:28Z"
      }
    ]
  },
  "training_results": [
    {
      "created": "2023-06-07T17:32:28Z",
      "feature_config_name": "string",
      "status": "TRAINING",
      "error_code": "string",
      "error_details": "string",
      "num_connections": 123,
      "mean": 123.0,
      "std": 123.0,
      "quantile_99": 123.0,
      "quantile_999": 123.0,
      "training_log": "string",
      "training_dataset_loss": [
        123.0
      ],
      "validation_dataset_loss": [
        123.0
      ],
      "validation_dataset_histogram": {
        "hist": [
          123.0
        ],
        "bin_edges": [
          123.0
        ]
      }
    }
  ],
  "comment": "string",
  "created": "2023-06-07T17:32:28Z",
  "created_by": "string",
  "updated": "2023-06-07T17:32:28Z",
  "updated_by": "string"
}

Response


Successful request, dataset saved

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002"
}

get /connection-manager/api/v1/ueba/datasets/{dataset_id}

Get a dataset by id, with the option to filter the training history.

logs

boolean

Include pandas and TensorFlow log output.

Default
false

bin_count

int

Number of bins to return from the training history.

Default
50

Response


Successful request, respond with updated dataset

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002",
  "last_training": "2023-06-07T17:32:28Z",
  "is_active": true,
  "use_for_inference_once_trained": true,
  "time_range_settings": {
    "start": "2023-06-07T17:32:28Z",
    "end": "2023-06-07T17:32:28Z",
    "exclude": [
      {
        "start": "2023-06-07T17:32:28Z",
        "end": "2023-06-07T17:32:28Z"
      }
    ]
  },
  "training_results": [
    {
      "created": "2023-06-07T17:32:28Z",
      "feature_config_name": "string",
      "status": "TRAINING",
      "error_code": "string",
      "error_details": "string",
      "num_connections": 123,
      "mean": 123.0,
      "std": 123.0,
      "quantile_99": 123.0,
      "quantile_999": 123.0,
      "training_log": "string",
      "training_dataset_loss": [
        123.0
      ],
      "validation_dataset_loss": [
        123.0
      ],
      "validation_dataset_histogram": {
        "hist": [
          123.0
        ],
        "bin_edges": [
          123.0
        ]
      }
    }
  ],
  "comment": "string",
  "created": "2023-06-07T17:32:28Z",
  "created_by": "string",
  "updated": "2023-06-07T17:32:28Z",
  "updated_by": "string"
}

put /connection-manager/api/v1/ueba/datasets/{dataset_id}

Update a dataset. Note that this causes the backend to empty the training history and delete the trained weights on the UEBA machine. This endpoint does not initiate training.

id

string

uuid

last_training

string

date-time

Last successful training reported by the UEBA server.

is_active

boolean

If set, this is the dataset on which inference is based.

use_for_inference_once_trained

boolean

An admin can set UEBA to take the results into use automatically after training has completed. Note that this toggles the is_active bits once training is done, as needed.

Default
false

time_range_settings

object (time_range_settings)

required

Definition of the time interval(s) from which connection data is fetched from the database for training.

training_results

array[object]

comment

string

A comment describing the dataset

created

string

date-time

created_by

string

updated

string

date-time

updated_by

string

Request

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002",
  "last_training": "2023-06-07T17:32:28Z",
  "is_active": true,
  "use_for_inference_once_trained": true,
  "time_range_settings": {
    "start": "2023-06-07T17:32:28Z",
    "end": "2023-06-07T17:32:28Z",
    "exclude": [
      {
        "start": "2023-06-07T17:32:28Z",
        "end": "2023-06-07T17:32:28Z"
      }
    ]
  },
  "training_results": [
    {
      "created": "2023-06-07T17:32:28Z",
      "feature_config_name": "string",
      "status": "TRAINING",
      "error_code": "string",
      "error_details": "string",
      "num_connections": 123,
      "mean": 123.0,
      "std": 123.0,
      "quantile_99": 123.0,
      "quantile_999": 123.0,
      "training_log": "string",
      "training_dataset_loss": [
        123.0
      ],
      "validation_dataset_loss": [
        123.0
      ],
      "validation_dataset_histogram": {
        "hist": [
          123.0
        ],
        "bin_edges": [
          123.0
        ]
      }
    }
  ],
  "comment": "string",
  "created": "2023-06-07T17:32:28Z",
  "created_by": "string",
  "updated": "2023-06-07T17:32:28Z",
  "updated_by": "string"
}

Response


Successful request

Empty response

delete /connection-manager/api/v1/ueba/datasets/{dataset_id}

Delete dataset

dataset_id

string

uuid

required

Response


Successful request

Empty response

post /connection-manager/api/v1/ueba/train/{dataset_id}

Train or retrain a saved dataset.

set_active_after_training

boolean

Start inferring with this dataset after training has completed.

Default
false

Response


Training initiated

{
  "count": 123
}

post /connection-manager/api/v1/ueba/query-connection-count

Get the number of connections for a dataset with the given parameters. If the JSON body is empty, all connections are counted. This lets the UI poll the dataset size while the user configures the period. Note that POST is used to avoid an overly long GET URL query string.

start

string

date-time

end

string

date-time

exclude

array[object]

Time ranges to exclude.

Request

{
  "start": "2023-06-07T17:32:28Z",
  "end": "2023-06-07T17:32:28Z",
  "exclude": [
    {
      "start": "2023-06-07T17:32:28Z",
      "end": "2023-06-07T17:32:28Z"
    }
  ]
}

Response


Connection count for specified filters

{
  "count": 123
}
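
A client-side check for the start/end/exclude body used by time_range_settings and query-connection-count, written for this page as an added example (it is not part of the API or the vendor's code). It assumes excluded ranges are subtracted from the [start, end) window and that start must be earlier than end; the function names and the sample body are constructed for illustration.

```python
from datetime import datetime, timezone

def _ts(value):
    """Parse an ISO 8601 timestamp such as 2023-06-07T17:32:28Z into aware UTC."""
    parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if parsed.tzinfo is None:
        raise ValueError(f"timestamp without timezone: {value!r}")
    return parsed.astimezone(timezone.utc)

def effective_training_intervals(settings):
    """Return the (start, end) intervals that remain after removing 'exclude'.

    Assumption: the server subtracts excluded ranges from [start, end).
    """
    start, end = _ts(settings["start"]), _ts(settings["end"])
    if start >= end:
        raise ValueError("start must be earlier than end")
    holes = []
    for item in settings.get("exclude") or []:
        lo, hi = _ts(item["start"]), _ts(item["end"])
        if lo >= hi:
            raise ValueError(f"empty or reversed exclude range: {item}")
        lo, hi = max(lo, start), min(hi, end)  # clip to the training window
        if lo < hi:
            holes.append((lo, hi))
    holes.sort()
    kept, cursor = [], start
    for lo, hi in holes:  # sweep left to right, merging overlapping holes
        if lo > cursor:
            kept.append((cursor, lo))
        cursor = max(cursor, hi)
    if cursor < end:
        kept.append((cursor, end))
    return kept

def covered_seconds(settings):
    """Total time actually contributing connection data to training."""
    return sum((hi - lo).total_seconds()
               for lo, hi in effective_training_intervals(settings))

# Constructed sample body: overlapping excludes and one that runs past 'end'.
SAMPLE = {
    "start": "2023-06-01T00:00:00Z",
    "end": "2023-06-08T00:00:00Z",
    "exclude": [
        {"start": "2023-06-03T00:00:00Z", "end": "2023-06-04T00:00:00Z"},
        {"start": "2023-06-03T12:00:00Z", "end": "2023-06-05T00:00:00Z"},
        {"start": "2023-06-07T12:00:00Z", "end": "2023-06-09T00:00:00Z"},
    ],
}
```

Running this before saving a dataset shows how much of the window is left to train on once the exclusions are applied.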