Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New ML configurations and dashboards for the Filebeat Nginx module #4609

Merged
merged 1 commit into from Jul 5, 2017

Conversation

Projects
None yet
2 participants
@tsg
Copy link
Collaborator

commented Jul 4, 2017

Added new machine learning jobs and dashboards, all created by @stevedodson.

We now have 5 ML job configs for the access logs:

  • Detect unusual visitor rate
  • Detect unusual response_code rates
  • Detect low request rate
  • Detect unusual remote_ips - high distinct count of urls
  • Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.

screen shot 2017-07-04 at 18 30 37

ToDos / questions:

  • Changelog
  • Figure out a better way to handle the links to the dashboards

@tsg tsg added in progress review and removed in progress labels Jul 4, 2017

@tsg

This comment has been minimized.

Copy link
Collaborator Author

commented Jul 5, 2017

Researched on the URLs issue, but unfortunately there doesn't seem to be a way to shorten them effectively. But I've asked the Kibana team, and those URLs are expected to keep working going forward.

tsg added a commit to tsg/beats that referenced this pull request Jul 5, 2017

Backport elastic#4609 to 5.x: New ML configurations for Filebeat Ngin…
…x module

This backports elastic#4609 to the 5.x branch. The backport was done manually by copying the files,
because the folder structure for the dashboards changed.
@monicasarbu

This comment has been minimized.

Copy link
Contributor

commented Jul 5, 2017

@tsg Can you please add the screenshot under docs/images?

New machine learning jobs
We now have 5 ML job configs for the access logs:

* Detect unusual visitor rate
* Detect unusual response_code rates
* Detect low request rate
* Detect unusual remote_ips - high distinct count of urls
* Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.

@tsg tsg force-pushed the tsg:new_nginx_ml_jons branch from ec91e15 to e74556d Jul 5, 2017

@tsg

This comment has been minimized.

Copy link
Collaborator Author

commented Jul 5, 2017

@monicasarbu done, thanks for the review.

@monicasarbu monicasarbu merged commit 8b66642 into elastic:master Jul 5, 2017

2 of 4 checks passed

beats-ci Build finished.
Details
continuous-integration/appveyor/pr Waiting for AppVeyor build to complete
Details
CLA Commit author is a member of Elasticsearch
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

monicasarbu added a commit that referenced this pull request Jul 5, 2017

Backport #4609 to 5.x: New ML configurations for Filebeat Nginx module (
#4612)

This backports #4609 to the 5.x branch. The backport was done manually by copying the files,
because the folder structure for the dashboards changed.

@tsg tsg referenced this pull request Jul 17, 2017

Closed

Filebeat modules: machine learning jobs #4680

4 of 4 tasks complete

ramon-garcia added a commit to ramon-garcia/beats that referenced this pull request Dec 5, 2017

New machine learning jobs (elastic#4609)
We now have 5 ML job configs for the access logs:

* Detect unusual visitor rate
* Detect unusual response_code rates
* Detect low request rate
* Detect unusual remote_ips - high distinct count of urls
* Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.

athom added a commit to athom/beats that referenced this pull request Jan 25, 2018

New machine learning jobs (elastic#4609)
We now have 5 ML job configs for the access logs:

* Detect unusual visitor rate
* Detect unusual response_code rates
* Detect low request rate
* Detect unusual remote_ips - high distinct count of urls
* Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.