diff --git a/docs/build.gradle b/docs/build.gradle
index e4fef5f3e93..0f1a0a04237 100644
--- a/docs/build.gradle
+++ b/docs/build.gradle
@@ -10,6 +10,13 @@ apply plugin: 'elasticsearch.docs-test'
 * entirely and have a party! There will be cake and everything.... */
 buildRestTests.expectedUnconvertedCandidates = [
 'en/ml/getting-started.asciidoc',
+ 'en/ml/functions/count.asciidoc',
+ 'en/ml/functions/geo.asciidoc',
+ 'en/ml/functions/info.asciidoc',
+ 'en/ml/functions/metric.asciidoc',
+ 'en/ml/functions/rare.asciidoc',
+ 'en/ml/functions/sum.asciidoc',
+ 'en/ml/functions/time.asciidoc',
 'en/rest-api/security/users.asciidoc',
 'en/rest-api/security/tokens.asciidoc',
 'en/rest-api/watcher/put-watch.asciidoc',
diff --git a/docs/en/ml/functions/geo.asciidoc b/docs/en/ml/functions/geo.asciidoc
index 0a4854fd99b..7c9d8ac1f9b 100644
--- a/docs/en/ml/functions/geo.asciidoc
+++ b/docs/en/ml/functions/geo.asciidoc
@@ -11,3 +11,13 @@ input data. The `field_name` that you supply must be a string of the form `latitude,longitude`. The `latitude` and `longitude` must be in the range -180 to 180 and represent a point on the surface of the Earth.
+
+
+////
+
+[source,js]
+--------------------------------------------------
+{ "function" : "lat_long", "fieldName" : "transactionCoordinates", "byFieldName" : "creditCardNumber" }
+--------------------------------------------------
+
+////
diff --git a/docs/en/ml/functions/info.asciidoc b/docs/en/ml/functions/info.asciidoc
index f084d6c09f9..2c9cbac6b65 100644
--- a/docs/en/ml/functions/info.asciidoc
+++ b/docs/en/ml/functions/info.asciidoc
@@ -14,7 +14,10 @@ If you want to monitor for unusually high amounts of information, use `high_info
 If want to look at drops in information content, use `low_info_content`.
 ////
-info_content:: information content
-high_info_content::: information content
+[source,js]
+--------------------------------------------------
+{ "function" : "info_content", "fieldName" : "subdomain", "overFieldName" : "highest_registered_domain" }
+--------------------------------------------------
+
 ////
diff --git a/docs/en/ml/functions/metric.asciidoc b/docs/en/ml/functions/metric.asciidoc
index 7ea7c2baa8b..a9cdc3d0089 100644
--- a/docs/en/ml/functions/metric.asciidoc
+++ b/docs/en/ml/functions/metric.asciidoc
@@ -33,4 +33,13 @@ varp:: population variance
 high_varp::: ""
 low_varp::: ""
+
+
+[source,js]
+--------------------------------------------------
+{ "function" : "min", "fieldName" : "amt", "byFieldName" : "product" }
+--------------------------------------------------
+
+
+
 ////
diff --git a/docs/en/ml/functions/rare.asciidoc b/docs/en/ml/functions/rare.asciidoc
index 362e2e67171..c63673c5847 100644
--- a/docs/en/ml/functions/rare.asciidoc
+++ b/docs/en/ml/functions/rare.asciidoc
@@ -31,4 +31,12 @@ for typical data.
 rare:: rare items
 freq_rare:: frequently rare items
+
+
+[source,js]
+--------------------------------------------------
+{ "function" : "min", "fieldName" : "amt", "byFieldName" : "product" }
+--------------------------------------------------
+
+
 ////
diff --git a/docs/en/ml/functions/sum.asciidoc b/docs/en/ml/functions/sum.asciidoc
index d587aa31839..781524d23ab 100644
--- a/docs/en/ml/functions/sum.asciidoc
+++ b/docs/en/ml/functions/sum.asciidoc
@@ -23,4 +23,12 @@ example, transactions per minute. TBD: Incorporate from prelert docs?: Ensure you are familiar with our advice on Summarization of Input Data, as this is likely to provide a more appropriate method to using the sum function.
+
+
+[source,js]
+--------------------------------------------------
+{ "function" : "high_sum", "fieldName" : "cs_bytes", "overFieldName" : "cs_host" }
+--------------------------------------------------
+
+
 ////
diff --git a/docs/en/ml/functions/time.asciidoc b/docs/en/ml/functions/time.asciidoc
index cd3f9f7ec20..e79881f3f24 100644
--- a/docs/en/ml/functions/time.asciidoc
+++ b/docs/en/ml/functions/time.asciidoc
@@ -29,3 +29,14 @@ This situation occurs because the actual time of the event (as measured against baseline) has changed. This situation is treated as a step change in behavior and the new times will be learned quickly.
 ====
+
+
+/////
+
+[source,js]
+--------------------------------------------------
+{ "function" : "time_of_day", "byFieldName" : "process" }
+--------------------------------------------------
+
+
+/////