OpenSearch/docs/reference/cat/anomaly-detectors.asciidoc

284 lines
10 KiB
Plaintext
Raw Normal View History

[role="xpack"]
[testenv="platinum"]
[[cat-anomaly-detectors]]
=== cat anomaly detectors API
++++
<titleabbrev>cat anomaly detectors</titleabbrev>
++++
Returns configuration and usage information about {anomaly-jobs}.
[[cat-anomaly-detectors-request]]
==== {api-request-title}
`GET /_cat/ml/anomaly_detectors/<job_id>` +
`GET /_cat/ml/anomaly_detectors`
[[cat-anomaly-detectors-prereqs]]
==== {api-prereq-title}
* If the {es} {security-features} are enabled, you must have `monitor_ml`,
`monitor`, `manage_ml`, or `manage` cluster privileges to use this API. See
<<security-privileges>> and {ml-docs-setup-privileges}.
[[cat-anomaly-detectors-desc]]
==== {api-description-title}
See {ml-docs}/ml-jobs.html[{anomaly-jobs-cap}].
NOTE: This API returns a maximum of 10,000 jobs.
[[cat-anomaly-detectors-path-params]]
==== {api-path-parms-title}
`<job_id>`::
(Optional, string)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=job-id-anomaly-detection]
[[cat-anomaly-detectors-query-params]]
==== {api-query-parms-title}
`allow_no_match`::
(Optional, boolean)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=allow-no-jobs]
include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=bytes]
include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=http-format]
include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=cat-h]
+
If you do not specify which columns to include, the API returns the default
columns. If you explicitly specify one or more columns, it returns only the
specified columns.
+
Valid columns are:
`assignment_explanation`, `ae`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=assignment-explanation-anomaly-jobs]
`buckets.count`, `bc`, `bucketsCount`:::
(Default)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-count-anomaly-jobs]
`buckets.time.exp_avg`, `btea`, `bucketsTimeExpAvg`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-time-exponential-average]
`buckets.time.exp_avg_hour`, `bteah`, `bucketsTimeExpAvgHour`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-time-exponential-average-hour]
`buckets.time.max`, `btmax`, `bucketsTimeMax`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-time-maximum]
`buckets.time.min`, `btmin`, `bucketsTimeMin`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-time-minimum]
`buckets.time.total`, `btt`, `bucketsTimeTotal`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-time-total]
`data.buckets`, `db`, `dataBuckets`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-count]
`data.earliest_record`, `der`, `dataEarliestRecord`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=earliest-record-timestamp]
`data.empty_buckets`, `deb`, `dataEmptyBuckets`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=empty-bucket-count]
`data.input_bytes`, `dib`, `dataInputBytes`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=input-bytes]
`data.input_fields`, `dif`, `dataInputFields`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=input-field-count]
`data.input_records`, `dir`, `dataInputRecords`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=input-record-count]
`data.invalid_dates`, `did`, `dataInvalidDates`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=invalid-date-count]
`data.last`, `dl`, `dataLast`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=last-data-time]
`data.last_empty_bucket`, `dleb`, `dataLastEmptyBucket`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=latest-empty-bucket-timestamp]
`data.last_sparse_bucket`, `dlsb`, `dataLastSparseBucket`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=latest-sparse-record-timestamp]
`data.latest_record`, `dlr`, `dataLatestRecord`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=latest-record-timestamp]
`data.missing_fields`, `dmf`, `dataMissingFields`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=missing-field-count]
`data.out_of_order_timestamps`, `doot`, `dataOutOfOrderTimestamps`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=out-of-order-timestamp-count]
`data.processed_fields`, `dpf`, `dataProcessedFields`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=processed-field-count]
`data.processed_records`, `dpr`, `dataProcessedRecords`:::
(Default)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=processed-record-count]
`data.sparse_buckets`, `dsb`, `dataSparseBuckets`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=sparse-bucket-count]
`forecasts.memory.avg`, `fmavg`, `forecastsMemoryAvg`:::
The average memory usage in bytes for forecasts related to the {anomaly-job}.
`forecasts.memory.max`, `fmmax`, `forecastsMemoryMax`:::
The maximum memory usage in bytes for forecasts related to the {anomaly-job}.
`forecasts.memory.min`, `fmmin`, `forecastsMemoryMin`:::
The minimum memory usage in bytes for forecasts related to the {anomaly-job}.
`forecasts.memory.total`, `fmt`, `forecastsMemoryTotal`:::
The total memory usage in bytes for forecasts related to the {anomaly-job}.
`forecasts.records.avg`, `fravg`, `forecastsRecordsAvg`:::
The average number of `model_forecast` documents written for forecasts related
to the {anomaly-job}.
`forecasts.records.max`, `frmax`, `forecastsRecordsMax`:::
The maximum number of `model_forecast` documents written for forecasts related
to the {anomaly-job}.
`forecasts.records.min`, `frmin`, `forecastsRecordsMin`:::
The minimum number of `model_forecast` documents written for forecasts related
to the {anomaly-job}.
`forecasts.records.total`, `frt`, `forecastsRecordsTotal`:::
The total number of `model_forecast` documents written for forecasts related to
the {anomaly-job}.
`forecasts.time.avg`, `ftavg`, `forecastsTimeAvg`:::
The average runtime in milliseconds for forecasts related to the {anomaly-job}.
`forecasts.time.max`, `ftmax`, `forecastsTimeMax`:::
The maximum runtime in milliseconds for forecasts related to the {anomaly-job}.
`forecasts.time.min`, `ftmin`, `forecastsTimeMin`:::
The minimum runtime in milliseconds for forecasts related to the {anomaly-job}.
`forecasts.time.total`, `ftt`, `forecastsTimeTotal`:::
The total runtime in milliseconds for forecasts related to the {anomaly-job}.
`forecasts.total`, `ft`, `forecastsTotal`:::
(Default)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=forecast-total]
`id`:::
(Default)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=job-id-anomaly-detection]
`model.bucket_allocation_failures`, `mbaf`, `modelBucketAllocationFailures`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=bucket-allocation-failures-count]
`model.by_fields`, `mbf`, `modelByFields`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=total-by-field-count]
`model.bytes`, `mb`, `modelBytes`:::
(Default)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=model-bytes]
`model.bytes_exceeded`, `mbe`, `modelBytesExceeded`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=model-bytes-exceeded]
`model.categorization_status`, `mcs`, `modelCategorizationStatus`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=categorization-status]
`model.categorized_doc_count`, `mcdc`, `modelCategorizedDocCount`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=categorized-doc-count]
`model.dead_category_count`, `mdcc`, `modelDeadCategoryCount`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=dead-category-count]
`model.failed_category_count`, `mdcc`, `modelFailedCategoryCount`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=failed-category-count]
`model.frequent_category_count`, `mfcc`, `modelFrequentCategoryCount`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=frequent-category-count]
`model.log_time`, `mlt`, `modelLogTime`:::
The timestamp when the model stats were gathered, according to server time.
`model.memory_limit`, `mml`, `modelMemoryLimit`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=model-memory-limit-anomaly-jobs]
`model.memory_status`, `mms`, `modelMemoryStatus`:::
(Default)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=model-memory-status]
`model.over_fields`, `mof`, `modelOverFields`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=total-over-field-count]
`model.partition_fields`, `mpf`, `modelPartitionFields`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=total-partition-field-count]
`model.rare_category_count`, `mrcc`, `modelRareCategoryCount`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=rare-category-count]
`model.timestamp`, `mt`, `modelTimestamp`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=model-timestamp]
`model.total_category_count`, `mtcc`, `modelTotalCategoryCount`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=total-category-count]
`node.address`, `na`, `nodeAddress`:::
The network address of the node.
+
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=node-jobs]
`node.ephemeral_id`, `ne`, `nodeEphemeralId`:::
The ephemeral ID of the node.
+
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=node-jobs]
`node.id`, `ni`, `nodeId`:::
The unique identifier of the node.
+
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=node-jobs]
`node.name`, `nn`, `nodeName`:::
The node name.
+
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=node-jobs]
`opened_time`, `ot`:::
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=open-time]
`state`, `s`:::
(Default)
include::{es-repo-dir}/ml/ml-shared.asciidoc[tag=state-anomaly-job]
include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=help]
include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=cat-s]
include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=time]
include::{es-repo-dir}/rest-api/common-parms.asciidoc[tag=cat-v]
[[cat-anomaly-detectors-example]]
==== {api-examples-title}
[source,console]
--------------------------------------------------
GET _cat/ml/anomaly_detectors?h=id,s,dpr,mb&v
--------------------------------------------------
// TEST[skip:kibana sample data]
[source,console-result]
----
id s dpr mb
high_sum_total_sales closed 14022 1.5mb
low_request_rate closed 1216 40.5kb
response_code_rates closed 28146 132.7kb
url_scanning closed 28146 501.6kb
----
// TESTRESPONSE[skip:kibana sample data]