github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-28 11:05:39 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/discover/log-pattern-analysis.asciidoc
florent-leborgne 8e7fb7a77e
[Docs] Update nav instructions and sample data installation to accommodate for the solution views (#199163) 
This PR:
- updates navigation instructions to accommodate for the navigation
changes related to solution views.
- updates instructions for adding sample data to rely on the
integrations page instead of the home page, that only exists with the
classic solution view
- updates references to the home page to avoid confusing users using one
of the new solution views

Closes: https://github.com/elastic/platform-docs-team/issues/529
Closes: https://github.com/elastic/platform-docs-team/issues/540
2024-11-08 11:10:32 +01:00

36 lines
No EOL
1.6 KiB
Text
Raw Blame History

[[run-pattern-analysis-discover]]
== Run a pattern analysis on your log data
include::../user/ml/index.asciidoc[tag=log-pattern-analysis-intro]
Log pattern analysis works on every text field.
This example uses the <<gs-get-data-into-kibana, sample web logs data>>, or you
can use your own data.
. Go to *Discover*.
. Expand the {data-source} dropdown, and select *Kibana Sample Data Logs*.
. If you don't see any results, expand the time range, for example, to
*Last 15 days*.
. Click the *Patterns* tab next to *Documents* and *Field statistics*. The
pattern analysis starts. The results are displayed under the chart. You can
change the analyzed field by using the field selector. In the
*Pattern analysis menu*, you can change the *Minimum time range*. This option
enables you to widen the time range for calculating patterns which improves
accuracy. The patterns, however, are still displayed by the time range you
selected in step 3.
[role="screenshot"]
image::images/log-pattern-analysis-results.png["Log pattern analysis results in Discover."]
. (optional) Apply filters to one or more patterns. *Discover* only displays
documents that match the selected patterns. Additionally, you can remove
selected patterns from *Discover*, resulting in the display of only those
documents that don't match the selected pattern. These options enable you to
remove unimportant messages and focus on the more important, actionable data
during troubleshooting. You can also create a categorization {anomaly-job}
directly from the *Patterns* tab to find anomalous behavior in the selected
pattern.
Reference in a new issue View git blame Copy permalink