In this above screenshot, I have the prediction value as 32192.
So, is it possible to alert the user (by using watcher) with the prediction value?
My watcher configuration is,
{
"range": {
"anomaly_score": {
"gte": "30"
}
}
}
Is it possible to include prediction value inside range?
Is it possible to include prediction value in slack text?
"text": "Machine Learning Results - Object cache size is going to exceed threshold limit.\n Anomalies:\n{{#ctx.payload.hits.hits}}score={{_source.anomaly_score}} at time={{_source.timestamp}}\n{{/ctx.payload.hits.hits}}"
Alright. Thanks for that. It clarifies my few other questions.
My use case,
In the screenshot I provided, When prediction value goes beyond 32000, I want to alert users along with the prediction value and prediction date in the alert text.
In watcher, I configured the alert text as
"text": "Machine Learning Results - Object cache size is going to exceed threshold limit.\n Anomalies:\n{{#ctx.payload.hits.hits}}score={{_source.anomaly_score}} at time={{_source.timestamp}}\n{{/ctx.payload.hits.hits}}"
Alert should look something like,
As per prediction, Object cache size is going to be at <prediction value> on <future date>.
How do I include both <prediction value> and <future date>data in alert text.
Is there anything like {{ctx.payload.hits.hits.0.prediction}}?
For forecasts, you do NOT want to use anomaly_score as the thing you're reporting on. Instead, use forecast_prediction . Please reference this other thread:
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
