github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-22 17:04:01 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/ml/index.asciidoc
István Zoltán Szabó 33c50593ce [DOCS] Updates ML/anomaly detection terms in the Kibana guide from 7.1 to 6.5 (#42428) 
* [DOCS] Updates ML/anomaly detection terms in the Kibana guide from 7.1 to 6.5.

* [DOCS] Fixes indentation.
2019-08-01 14:56:04 +02:00

76 lines
2.9 KiB
Text
Raw Permalink Blame History

[role="xpack"]
[[xpack-ml]]
= {ml-cap}
[partintro]
--
As datasets increase in size and complexity, the human effort required to
inspect dashboards or maintain rules for spotting infrastructure problems,
cyber attacks, or business issues becomes impractical. The Elastic {ml}
{anomaly-detect} feature automatically model the normal behavior of your time
series data — learning trends, periodicity, and more — in real time to identify
anomalies, streamline root cause analysis, and reduce false positives.
{anomaly-detect-cap} run in and scale with {es}, and include an
intuitive UI on the {kib} *Machine Learning* page for creating {anomaly-jobs}
and understanding results.
If you have a basic license, you can use the *Data Visualizer* to learn more
about your data. In particular, if your data is stored in {es} and contains a
time field, you can use the *Data Visualizer* to identify possible fields for
{anomaly-detect}:
[role="screenshot"]
image::ml/images/ml-data-visualizer-sample.jpg[Data Visualizer for sample flight data]
experimental[] You can also upload a CSV, NDJSON, or log file (up to 100 MB in size).
The *Data Visualizer* identifies the file format and field mappings. You can then
optionally import that data into an {es} index.
If you have a trial or platinum license, you can
<<ml-jobs,create {anomaly-jobs}>> and manage jobs and {dfeeds} from the *Job
Management* pane:
[role="screenshot"]
image::ml/images/ml-job-management.jpg[Job Management]
You can use the *Settings* pane to create and edit
{stack-ov}/ml-calendars.html[calendars] and the filters that are used in
{stack-ov}/ml-rules.html[custom rules]:
[role="screenshot"]
image::ml/images/ml-settings.jpg[Calendar Management]
The *Anomaly Explorer* and *Single Metric Viewer* display the results of your
{anomaly-jobs}. For example:
[role="screenshot"]
image::ml/images/ml-single-metric-viewer.jpg[Single Metric Viewer]
You can optionally add annotations by drag-selecting a period of time in
the *Single Metric Viewer* and adding a description. For example, you can add an
explanation for anomalies in that time period or provide notes about what is
occurring in your operational environment at that time:
[role="screenshot"]
image::ml/images/ml-annotations-list.jpg[Single Metric Viewer with annotations]
In some circumstances, annotations are also added automatically. For example, if
the {anomaly-job} detects that there is missing data, it annotates the affected
time period. For more information, see
{stack-ov}/ml-delayed-data-detection.html[Handling delayed data].
The *Job Management* pane shows the full list of annotations for each job.
NOTE: The {kib} {ml-features} use pop-ups. You must configure your
web browser so that it does not block pop-up windows or create an exception for
your {kib} URL.
For more information about the {anomaly-detect} feature, see
{stack-ov}/xpack-ml.html[{ml-cap} {anomaly-detect}].
--
include::creating-jobs.asciidoc[]
include::job-tips.asciidoc[]
Reference in a new issue View git blame Copy permalink