Hello,
We have some data like sflows which has fields:
Is there a way to make an Elastic machine learning job which can detect drops in traffic somehow? To do that it would have to detect changes in the rate the octets increment. I've tried, but was unable to do that.
Grtz
Willem
Not sure what you tried, but this should work fine as is. I just did a quick mockup using the following CSV, with a contrived discontinuity of slope in it:
Imported into elasticsearch with File Upload. Configured an ML job:
It properly found the discontinuity:
@richcollier Can it also show this per host? Do I need to configure the host as influencer?
Yes, you could do it per host - just use the Multi-metric job wizard and split on host
@richcollier Thanks, I think I got it:
Cool - but it would be more effective to split the analysis on host using the Multi-metric job wizard rather than merely relying on using the host as an influencer.
Got it, used switchinterface alias as split field looks promising. Curious at the results in a few weeks. Tx for the help.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
