Machine learning _getting alert while creating a new job

Raj_Kumar · October 4, 2017, 8:53am

Hi All,

Iam trying to create a job and am getting this message,am not sure why am getting this message

Please let me know what should I do this.
Thanks,
Raj

richcollier · October 4, 2017, 12:35pm

Raj,

in order for us to help you, please provide us with the information relating to how you've configured the job. You can get this by running the following and pasting the output here:

curl -u elastic:changeme -XGET 'localhost:9200/_xpack/ml/anomaly_detectors/<jobname>?pretty'

curl -u elastic:changeme -XGET 'localhost:9200/_xpack/ml/datafeeds/datafeed-<jobname>?pretty'

Raj_Kumar · October 4, 2017, 1:46pm

Thank you rich for the quick response

curl -u elastic:xx -XGET 'localhost:9200/_xpack/ml/datafeeds/datafeed-bytes_usage?pretty'
{
"count" : 1,
"datafeeds" : [
{
"datafeed_id" : "datafeed-bytes_usage",
"job_id" : "bytes_usage",
"query_delay" : "60s",
"frequency" : "600s",
"indices" : [
"logstash_netflow-*"
],
"types" : [
"netflow_cisco",
"netflow"
],
"query" : {
"match_all" : {
"boost" : 1.0
}
},
"scroll_size" : 1000,
"chunking_config" : {
"mode" : "auto"
}
}
]
}

curl -u elastic:changeme -XGET 'localhost:9200/_xpack/ml/anomaly_detectors/bytes_usage?pretty'
{
"count" : 1,
"jobs" : [
{
"job_id" : "bytes_usage",
"job_type" : "anomaly_detector",
"job_version" : "5.6.2",
"description" : "bystes_usage",
"create_time" : 1507106098700,
"finished_time" : 1507106100191,
"analysis_config" : {
"bucket_span" : "30m",
"detectors" : [
{
"detector_description" : "high_sum(netflow.in_permanent_bytes)",
"function" : "high_sum",
"field_name" : "netflow.in_permanent_bytes",
"partition_field_name" : "src_hostname.keyword",
"detector_rules" : [ ],
"detector_index" : 0
}
],
"influencers" : [
"src_hostname.keyword",
"dst_port_name.keyword",
"dst_hostname.keyword"
]
},
"data_description" : {
"time_field" : "@timestamp",
"time_format" : "epoch_ms"
},
"model_snapshot_retention_days" : 1,
"model_snapshot_id" : "1507122060",
"results_index_name" : "custom-bytes_usage"
}
]
}

Thanks in advance,
Raj

richcollier · October 4, 2017, 2:00pm

There's nothing obvious wrong with your job config, so the next ask would be to have you look in the elasticsearch.log file for the messages at the time that you get this error in the UI. I'm guessing a more descriptive message will be had there than what's shown in the UI.

Please post those messages here.

system · November 1, 2017, 2:00pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.