Percolator Question

Hi there,

We want to do more with the data we're indexing, so that we can do some
real-time anomaly detection. We've been looking at the percolator feature
as a simple starting point, but I just want to get an idea of if what I'm
asking is possible.

We want a stored query that will match when a document comes through, and
is e.g. "the 10th delete request performed by user Foo in the last two
days!". For documents like {user: "foo", action: "delete", object:
"deletedthing"}.

Can Percolator queries do that - look at more than just the document coming
through? Is there a good example or tutorial around that? Should we be
looking at something else for this kind of data analysis?

Thanks!
