Is it possible use anomaly detection as query?

tfe2012 · February 17, 2020, 6:00pm

Hi
I have log index with mapping like this:
{
"responseCode",
"time",
"serverName"
}
If I look to server respose code statistic
graph like this:

Green: 404, Blue: 200
Is it possible to use ML algorithm for query:

I want to send a request like:

{
query: {
"term": {
"serverName": "server23456",
"responseCode": 200
}
}
}

And get a response like this:

"time From: 9:40 - 10:20"

richcollier · February 18, 2020, 1:43pm

Within Elastic ML, you always have the ability to configure your anomaly detection jobs to either use all docs in the index, or to use a filtered query. It sounds like you want to use a filtered query.

To accomplish, the easiest way to do this is to build your filtered search in Kibana Discover tab, then save the query with a name. When configuring the ML job, use the named "saved search" as the basis for the ML job.

system · March 17, 2020, 1:44pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filtering Index or custom rules for Elastic ML anomaly detection Elasticsearch elastic-stack-machine-learning	6	1417	July 9, 2021
Question on how to choose the aggregations for ML job Kibana elastic-stack-machine-learning	3	362	December 10, 2019
Filter logs in ML Job Kibana elastic-stack-machine-learning	4	369	June 4, 2019
Anomaly Detection Job Results Index Kibana	3	23	August 28, 2024
ML anomaly detection question Kibana elastic-stack-machine-learning	8	621	February 11, 2020

Is it possible use anomaly detection as query?

Related topics