Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New ML configurations and dashboards for the Filebeat Nginx module #4609

Merged
merged 1 commit into from Jul 5, 2017

Conversation

@tsg
Copy link
Contributor

@tsg tsg commented Jul 4, 2017

Added new machine learning jobs and dashboards, all created by @stevedodson.

We now have 5 ML job configs for the access logs:

  • Detect unusual visitor rate
  • Detect unusual response_code rates
  • Detect low request rate
  • Detect unusual remote_ips - high distinct count of urls
  • Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.

screen shot 2017-07-04 at 18 30 37

ToDos / questions:

  • Changelog
  • Figure out a better way to handle the links to the dashboards
@tsg
Copy link
Contributor Author

@tsg tsg commented Jul 5, 2017

Researched on the URLs issue, but unfortunately there doesn't seem to be a way to shorten them effectively. But I've asked the Kibana team, and those URLs are expected to keep working going forward.

tsg pushed a commit to tsg/beats that referenced this issue Jul 5, 2017
…x module

This backports elastic#4609 to the 5.x branch. The backport was done manually by copying the files,
because the folder structure for the dashboards changed.
@monicasarbu
Copy link
Contributor

@monicasarbu monicasarbu commented Jul 5, 2017

@tsg Can you please add the screenshot under docs/images?

We now have 5 ML job configs for the access logs:

* Detect unusual visitor rate
* Detect unusual response_code rates
* Detect low request rate
* Detect unusual remote_ips - high distinct count of urls
* Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.
@tsg tsg force-pushed the new_nginx_ml_jons branch from ec91e15 to e74556d Jul 5, 2017
@tsg
Copy link
Contributor Author

@tsg tsg commented Jul 5, 2017

@monicasarbu done, thanks for the review.

@monicasarbu monicasarbu merged commit 8b66642 into elastic:master Jul 5, 2017
2 of 4 checks passed
monicasarbu added a commit that referenced this issue Jul 5, 2017
#4612)

This backports #4609 to the 5.x branch. The backport was done manually by copying the files,
because the folder structure for the dashboards changed.
@tsg tsg mentioned this pull request Jul 17, 2017
4 tasks
ramon-garcia added a commit to ramon-garcia/beats that referenced this issue Dec 5, 2017
We now have 5 ML job configs for the access logs:

* Detect unusual visitor rate
* Detect unusual response_code rates
* Detect low request rate
* Detect unusual remote_ips - high distinct count of urls
* Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.
athom added a commit to athom/beats that referenced this issue Jan 25, 2018
We now have 5 ML job configs for the access logs:

* Detect unusual visitor rate
* Detect unusual response_code rates
* Detect low request rate
* Detect unusual remote_ips - high distinct count of urls
* Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants