Hi Community,
The max function detect anomaly when it will max value for a particular field. For example
average life of a person can be 60 and if we are applying max function on age and it detect anomaly age can be 90 or 100 or 105 etc.
Similarly high_count function is a function where it will detect anomaly where no of event is high , but what is event can we go for high_count for age field.
the count functions count the number of documents in a bucket_span that match the query of the datafeed.
the count functions do not count fields
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.