Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New ML configurations and dashboards for the Filebeat Nginx module #4609

Merged
merged 1 commit into from
Jul 5, 2017
Merged

New ML configurations and dashboards for the Filebeat Nginx module #4609

merged 1 commit into from
Jul 5, 2017

Conversation

tsg
Copy link
Contributor

@tsg tsg commented Jul 4, 2017
edited

Added new machine learning jobs and dashboards, all created by @stevedodson.

We now have 5 ML job configs for the access logs:

  • Detect unusual visitor rate
  • Detect unusual response_code rates
  • Detect low request rate
  • Detect unusual remote_ips - high distinct count of urls
  • Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.

screen shot 2017-07-04 at 18 30 37

ToDos / questions:

  • Changelog
  • Figure out a better way to handle the links to the dashboards

@tsg tsg added in progress Pull request is currently in progress. review and removed in progress Pull request is currently in progress. labels Jul 4, 2017
@tsg
Copy link
Contributor Author

tsg commented Jul 5, 2017

Researched on the URLs issue, but unfortunately there doesn't seem to be a way to shorten them effectively. But I've asked the Kibana team, and those URLs are expected to keep working going forward.

tsg pushed a commit to tsg/beats that referenced this pull request Jul 5, 2017
Backport elastic#4609 to 5.x: New ML configurations for Filebeat Ngin…
2e7eaed 
…x module

This backports elastic#4609 to the 5.x branch. The backport was done manually by copying the files,
because the folder structure for the dashboards changed.
@tsg tsg mentioned this pull request Jul 5, 2017
Merged
@monicasarbu
Copy link
Contributor

@tsg Can you please add the screenshot under docs/images?

New machine learning jobs
e74556d 
We now have 5 ML job configs for the access logs:

* Detect unusual visitor rate
* Detect unusual response_code rates
* Detect low request rate
* Detect unusual remote_ips - high distinct count of urls
* Detect unusual remote_ips - high request rates

This also comes with two new sample dashboards, to which the user can jump when reviewing the ML job results.
@tsg
Copy link
Contributor Author

tsg commented Jul 5, 2017

@monicasarbu done, thanks for the review.

@monicasarbu monicasarbu merged commit 8b66642 into elastic:master Jul 5, 2017
monicasarbu pushed a commit that referenced this pull request Jul 5, 2017
@tsg @monicasarbu
Backport #4609 to 5.x: New ML configurations for Filebeat Nginx module (
d19b1c9 
#4612)

This backports #4609 to the 5.x branch. The backport was done manually by copying the files,
because the folder structure for the dashboards changed.
@tsg tsg mentioned this pull request Jul 17, 2017
Closed
4 tasks
@monicasarbu monicasarbu added the Filebeat Filebeat label Jul 17, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@monicasarbu monicasarbu monicasarbu approved these changes

Assignees
No one assigned
Labels
Filebeat Filebeat review v5.6.0 v6.0.0-beta1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tsg @monicasarbu