Hey everyone I am starting new to opensearch and it’s anamoly detection feature.
Can anyone advice if I can create an Anamoly Detection Job for out of hours user logins.
I am trying to create this in winlogbeat data for 4624 login attempts having a @timestamp field.
Is this use case possible and if yes what should be the config look like ?
@pablo can you advice ?
@kris can you porvide an advice for this ?