Hi, I recently started testing Elasticsearch Kibana's anomaly detection, and so far it is working fine where anomalies are detected. However, I am wondering if I am able to click something that brings me to the log that was flagged out as an anomaly, as I am unable to do that.
Welcome, @Nicnathaniel. Would something like what's described in this guide be helpful here?
Thanks,
Jessica
Hi, I don't think so, as I am using Kibana.
Thanks @Nicnathaniel. Oh wow, I meant to send this guide instead. Sorry about that!
I was thinking that something like Anomaly Explorer or Single Metric Viewer might be a good fit here.
Hi @jessgarson, thank you, but I have already read through it and I don't think it is what I am looking for. I was wondering if it is possible to get the exact logs that are being flagged out as anomalies.
Thanks, @Nicnathaniel. I checked in with some coworkers on this subject, and I'll let you know when I hear more.
Alright, thank you very much!
Thanks, @Nicnathaniel. Could raw data be what you are looking for?
Yes, I was wondering: if I set a webhook for anomaly detection, am I able to get the raw data that triggered the anomaly?
Thanks, @Nicnathaniel. I think this could work, but I haven't tested this myself. How were you thinking of setting up the webhook?
Hi @jessgarson, my initial plan was to use the webhook from anomaly detection to get the raw log that is flagged out as an anomaly and pass the logs to an NLP model to generate queries. I am not sure how feasible it is now, as I am unable to view the raw logs from the anomaly detection dashboard.
Thanks for following up. Have you tried looking at the “Raw data” option in the Actions column? I understand that you could create a query for the pertinent documents in Discover and enrich the actions menu by incorporating custom URLs if needed. Could that method work here?
Hi, I am not sure where to find the "raw data" option.