Hi,
In the multi-metric job in anomaly detection, do the metrics affect each other to find the anomalies as multivariate anomaly detection or is the main point of multi-metric job creating a job for different metrics in same time-interval (instead of creating multiple single-metric job for same time interval, creating multi-metric job for the metrics) ?
I saw a topics and tutorials on that, but these are a little bit old, I want to re-ask.
Thanks...
It is not multi-variate in the way that you might be thinking (a confluence of multiple variables affecting a specific feature of interest) - rather it is a parallel analysis of multiple features simultaneously (for scale/efficiency). You can either create multiple detectors
(i.e. max(this)
and sum(that)
, etc.) or "split" the analysis along a categorical feature via partition
/by
fields (count partition=error_code
or max(responsetime) by service
).
@richcollier
Thanks for your response and located the topic to the right category,
In addition, is there a way of checking anomaly detection conditions are occurred (as one or more switch), can this be adjusted in Kibana interface or Anomaly Detection API?
Thanks again for your response...
Hi @Furkan I don't understand your question and what you mean by "as one or more switch". Can you ask in a different way?
@richcollier
I was asking, Can we build or automate to the anomaly detection process to condition-based instead of time-based detection?
Thanks...
If your data has no element of time but is purely attribute-based, you could consider using outlier detection.
Thanks for your responses...
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.