Detecting Outliers without ML?

dar · September 24, 2019, 1:30pm

Is it possible to have Kibana show/highlight documents that have the biggest percentage variance in a given numeric field over the selected time slice? Imagine I'm logging hits containing URLs and response times:

URL, Response Time (ms)
www.site1.com,25
www.site1.com,28
www.site1.com,35
www.site2.com,141
www.site2.com,150
www.site3.com,1320
www.site3.com,1350

...how would I have Kibana flag up the third hit to www.site1.com as being anomalous because of the percentage variance in response time, please?

flash1293 · September 25, 2019, 8:57am

Hi @dar,

You might be able to use Kibana watchers to do something comparable by querying both the max value of response time and the standard deviation and triggering when these two differ too much. Keep in mind though that outlier detection is a complicated topic with a lot of difficult to tune edge cases when done in production settings.

Topic		Replies	Views
Standard deviation problem Kibana	2	564	September 25, 2019
Kibana filtering percentile/outliers Kibana	2	2341	October 12, 2017
Show outliers by standard deviation Kibana	2	775	March 18, 2019
Kibana graph for anamoly detection Kibana	5	881	March 24, 2017
Detect outliers in non timeline based data Elasticsearch elastic-stack-machine-learning	5	537	October 31, 2019

Detecting Outliers without ML?

Related topics