Lisa Cawley
GitHub
|
|
@ -20,7 +20,7 @@ include::timelion.asciidoc[]
|
|||
|
||||
include::canvas.asciidoc[]
|
||||
|
||||
include::{kib-repo-dir}/ml/index.asciidoc[]
|
||||
include::ml/index.asciidoc[]
|
||||
|
||||
include::{kib-repo-dir}/maps/index.asciidoc[]
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ necessary to perform an analytics task.
|
|||
{kib} provides the following wizards to make it easier to create jobs:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-create-job.jpg[Create New Job]
|
||||
image::user/ml/images/ml-create-job.jpg[Create New Job]
|
||||
|
||||
A _single metric job_ is a simple job that contains a single _detector_. A
|
||||
detector defines the type of analysis that will occur and which fields to
|
||||
|
|
@ -32,13 +32,13 @@ http://nginx.org/[Nginx] and https://httpd.apache.org/[Apache] HTTP servers to
|
|||
{es}, the following wizards appear:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-data-recognizer-filebeat.jpg[A screenshot of the {filebeat} job creation wizards]
|
||||
image::user/ml/images/ml-data-recognizer-filebeat.jpg[A screenshot of the {filebeat} job creation wizards]
|
||||
|
||||
Likewise, if you use {auditbeat-ref}/index.html[{auditbeat}] to audit process
|
||||
activity on your systems, the following wizards appear:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-data-recognizer-auditbeat.jpg[A screenshot of the {auditbeat} job creation wizards]
|
||||
image::user/ml/images/ml-data-recognizer-auditbeat.jpg[A screenshot of the {auditbeat} job creation wizards]
|
||||
|
||||
These wizards create {anomaly-jobs}, dashboards, searches, and visualizations that
|
||||
are customized to help you analyze your {auditbeat} and {filebeat} data.
|
||||
|
|
@ -64,4 +64,4 @@ advanced jobs:
|
|||
|
||||
* https://www.elastic.co/videos/machine-learning-tutorial-creating-a-single-metric-job[Machine Learning for the Elastic Stack: Creating a single metric job]
|
||||
* https://www.elastic.co/videos/machine-learning-tutorial-creating-a-multi-metric-job[Machine Learning for the Elastic Stack: Creating a multi-metric job]
|
||||
* https://www.elastic.co/videos/machine-learning-lab-3-detect-outliers-in-a-population[Machine Learning for the Elastic Stack: Detect Outliers in a Population]
|
||||
* https://www.elastic.co/videos/machine-learning-lab-3-detect-outliers-in-a-population[Machine Learning for the Elastic Stack: Detect Outliers in a Population]
|
||||
|
Before Width: | Height: | Size: 520 KiB After Width: | Height: | Size: 520 KiB |
|
Before Width: | Height: | Size: 359 KiB After Width: | Height: | Size: 359 KiB |
|
Before Width: | Height: | Size: 173 KiB After Width: | Height: | Size: 173 KiB |
|
Before Width: | Height: | Size: 169 KiB After Width: | Height: | Size: 169 KiB |
|
Before Width: | Height: | Size: 175 KiB After Width: | Height: | Size: 175 KiB |
|
Before Width: | Height: | Size: 146 KiB After Width: | Height: | Size: 146 KiB |
|
Before Width: | Height: | Size: 116 KiB After Width: | Height: | Size: 116 KiB |
|
Before Width: | Height: | Size: 216 KiB After Width: | Height: | Size: 216 KiB |
|
|
@ -22,7 +22,7 @@ time field, you can use the *Data Visualizer* to identify possible fields for
|
|||
{anomaly-detect}:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-data-visualizer-sample.jpg[Data Visualizer for sample flight data]
|
||||
image::user/ml/images/ml-data-visualizer-sample.jpg[Data Visualizer for sample flight data]
|
||||
|
||||
experimental[] You can also upload a CSV, NDJSON, or log file (up to 100 MB in size).
|
||||
The *Data Visualizer* identifies the file format and field mappings. You can then
|
||||
|
|
@ -33,20 +33,20 @@ If you have a trial or platinum license, you can
|
|||
Management* pane:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-job-management.jpg[Job Management]
|
||||
image::user/ml/images/ml-job-management.jpg[Job Management]
|
||||
|
||||
You can use the *Settings* pane to create and edit
|
||||
{stack-ov}/ml-calendars.html[calendars] and the filters that are used in
|
||||
{stack-ov}/ml-rules.html[custom rules]:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-settings.jpg[Calendar Management]
|
||||
image::user/ml/images/ml-settings.jpg[Calendar Management]
|
||||
|
||||
The *Anomaly Explorer* and *Single Metric Viewer* display the results of your
|
||||
{anomaly-jobs}. For example:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-single-metric-viewer.jpg[Single Metric Viewer]
|
||||
image::user/ml/images/ml-single-metric-viewer.jpg[Single Metric Viewer]
|
||||
|
||||
You can optionally add annotations by drag-selecting a period of time in
|
||||
the *Single Metric Viewer* and adding a description. For example, you can add an
|
||||
|
|
@ -54,7 +54,7 @@ explanation for anomalies in that time period or provide notes about what is
|
|||
occurring in your operational environment at that time:
|
||||
|
||||
[role="screenshot"]
|
||||
image::ml/images/ml-annotations-list.jpg[Single Metric Viewer with annotations]
|
||||
image::user/ml/images/ml-annotations-list.jpg[Single Metric Viewer with annotations]
|
||||
|
||||
In some circumstances, annotations are also added automatically. For example, if
|
||||
the {anomaly-job} detects that there is missing data, it annotates the affected
|
||||