Hi,
I have NetFlow data, where the byte field is an integer type (eg, 100). I have to convert the byte field from integer type to string type so that I can use high_info_content function in machine learning advance job detector for detection high byte flows.
Hi,
If you want to find high byte flows use the high_sum function on the byte field.
{
"function" : "high_sum",
"field_name" : "byte"
}
Think of the info_content function as a measure of entropy, it is applied to string fields to find those containing higher than usual levels of information.
Hi David,
The model is working perfectly now. Thanks for the reply.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.