Hello,
I would like to follow a specific list of customers defined by ip address.
For our application deployment we do this in a number of steps like beta (which may concern more than 1000 customers).
I would like to do anomaly detection over the kibana ML plugin for these beta customer
But when I set a list of ip addresses (more than 1000) kibana is blocked.
Is it possible to follow a spécific huge list of customers ?
I m using kibana 7.3
Regards
AmS
If I understand your question correctly, you want Kibana to build a filtered query with more than 1000 terms - you're right, that could be messy.
Perhaps a more manageable approach would be to enrich your customers index with a new field, for example beta such that the value of that field for a particular customer was either true or false.
If you want to be fancy and dynamically enrich the data at ingest, you could use a separate index to list your beta users, and use the enrich ingest processor to mark that customer as beta user as the data gets ingested.
Then, you can simply run a single term query in kibana (beta:true)
Hi Rich,
Thanks for your answer.
adding a new field is a good idea if it is static list of customers.
My problem is that list is randomly generated for each new version. so i know this list only when deployed on the beta.
Regards
AmS
Ok, maybe I don't fully understand your use-case then. You won't know who the beta users are? Why can't you dynamically create the list of beta users into the lookup index at deployment time?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.