Is it possible use anomaly detection as query?

tfe2012 · February 17, 2020, 6:00pm

Hi
I have log index with mapping like this:
{
"responseCode",
"time",
"serverName"
}
If I look to server respose code statistic
graph like this:

Green: 404, Blue: 200
Is it possible to use ML algorithm for query:

I want to send a request like:

{
query: {
"term": {
"serverName": "server23456",
"responseCode": 200
}
}
}

And get a response like this:

"time From: 9:40 - 10:20"

richcollier · February 18, 2020, 1:43pm

Within Elastic ML, you always have the ability to configure your anomaly detection jobs to either use all docs in the index, or to use a filtered query. It sounds like you want to use a filtered query.

To accomplish, the easiest way to do this is to build your filtered search in Kibana Discover tab, then save the query with a name. When configuring the ML job, use the named "saved search" as the basis for the ML job.

Topic		Replies	Views
Detect anomalies with ELK stack Elasticsearch	2	472	November 19, 2018
Tips to create a Machine Larning job Kibana elastic-stack-machine-learning	8	607	June 2, 2020
Filtering Index or custom rules for Elastic ML anomaly detection Elasticsearch elastic-stack-machine-learning	6	1760	July 9, 2021
How to write conditional statements/calculations in elastic Machine Learning Kibana elastic-stack-machine-learning	2	323	August 3, 2021
Machine Learning on Web server logs Elasticsearch elastic-stack-machine-learning	9	1017	July 11, 2019

Is it possible use anomaly detection as query?

Related topics