Skip to content

[Logs UI] Add ML module with a common log categorization job #50414

New issue
New issue
Closed
#51905
Closed
[Logs UI] Add ML module with a common log categorization job#50414
#51905
Labels
Feature:Logs UILogs UI featureTeam:Infra Monitoring UI - DEPRECATEDDEPRECATED - Label for the Infra Monitoring UI team. Use Team:obs-ux-infra_servicesv7.6.0
@weltenwort

Description

@weltenwort
weltenwort
opened on Nov 12, 2019

Summary

Following the investigation in #46610 the categorization can probably be handled using a single ML job.

Job results

The following result data structures could be attributed to a partition:

  • the anomaly record
  • the model_plot with the actual count per bucket and partition

A few result data structures would be shared between the partitions:

  • the bucket
  • the category with its examples

Acceptance criteria

  • A new ML module logs_ui_entry_categorization with one job and one datafeed exists.
  • The job is a categorization job with...
    • a categorization_field_name set to message.
    • a count detector with the by_field_name set to mlcategory and partition_field_name set to event.dataset.
    • a bucket_span of 15 minutes.
    • the model plot enabled.
  • The datafeed for the job...
    • filters the documents for the existence of a message field.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Feature:Logs UILogs UI featureTeam:Infra Monitoring UI - DEPRECATEDDEPRECATED - Label for the Infra Monitoring UI team. Use Team:obs-ux-infra_servicesv7.6.0

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions