Machine learning _getting alert while creating a new job

Elastic Stack Elasticsearch
1

Hi All,

Iam trying to create a job and am getting this message,am not sure why am getting this message

image
image.png1190×455 23.4 KB

Please let me know what should I do this.
Thanks,
Raj

2

Raj,

in order for us to help you, please provide us with the information relating to how you've configured the job. You can get this by running the following and pasting the output here:

curl -u elastic:changeme -XGET 'localhost:9200/_xpack/ml/anomaly_detectors/<jobname>?pretty'

curl -u elastic:changeme -XGET 'localhost:9200/_xpack/ml/datafeeds/datafeed-<jobname>?pretty'

3

Thank you rich for the quick response

curl -u elastic:xx -XGET 'localhost:9200/_xpack/ml/datafeeds/datafeed-bytes_usage?pretty'
{
"count" : 1,
"datafeeds" : [
{
"datafeed_id" : "datafeed-bytes_usage",
"job_id" : "bytes_usage",
"query_delay" : "60s",
"frequency" : "600s",
"indices" : [
"logstash_netflow-*"
],
"types" : [
"netflow_cisco",
"netflow"
],
"query" : {
"match_all" : {
"boost" : 1.0
}
},
"scroll_size" : 1000,
"chunking_config" : {
"mode" : "auto"
}
}
]
}

curl -u elastic:changeme -XGET 'localhost:9200/_xpack/ml/anomaly_detectors/bytes_usage?pretty'
{
"count" : 1,
"jobs" : [
{
"job_id" : "bytes_usage",
"job_type" : "anomaly_detector",
"job_version" : "5.6.2",
"description" : "bystes_usage",
"create_time" : 1507106098700,
"finished_time" : 1507106100191,
"analysis_config" : {
"bucket_span" : "30m",
"detectors" : [
{
"detector_description" : "high_sum(netflow.in_permanent_bytes)",
"function" : "high_sum",
"field_name" : "netflow.in_permanent_bytes",
"partition_field_name" : "src_hostname.keyword",
"detector_rules" : [ ],
"detector_index" : 0
}
],
"influencers" : [
"src_hostname.keyword",
"dst_port_name.keyword",
"dst_hostname.keyword"
]
},
"data_description" : {
"time_field" : "@timestamp",
"time_format" : "epoch_ms"
},
"model_snapshot_retention_days" : 1,
"model_snapshot_id" : "1507122060",
"results_index_name" : "custom-bytes_usage"
}
]
}

Thanks in advance,
Raj

4

There's nothing obvious wrong with your job config, so the next ask would be to have you look in the elasticsearch.log file for the messages at the time that you get this error in the UI. I'm guessing a more descriptive message will be had there than what's shown in the UI.

Please post those messages here.

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.