[ML][DOCS] Correct get-overall-buckets API example (elastic/x-pack-elasticsearch#3269)

Also fixes the score filters explanation for the results APIs.

Original commit: elastic/x-pack-elasticsearch@18cb31ab56
Dimitris Athanasiou 2017-12-08 16:03:51 +00:00 committed by GitHub
parent aff5cc840f
commit a9535c0b5a
4 changed files with 53 additions and 7 deletions

@ -31,7 +31,7 @@ This API presents a chronological view of the records, grouped by bucket.
==== Request Body ==== Request Body
`anomaly_score`:: `anomaly_score`::
(double) Returns buckets with anomaly scores higher than this value. (double) Returns buckets with anomaly scores greater or equal than this value.
`desc`:: `desc`::
(boolean) If true, the buckets are sorted in descending order. (boolean) If true, the buckets are sorted in descending order.
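Review bot: the new `anomaly_score` wording, "greater or equal than this value", is ungrammatical; write "greater than or equal to this value". The same phrase is introduced for `influencer_score`, `overall_score` and `record_score` in this commit, so it is worth correcting all four in one pass.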

@ -30,7 +30,7 @@ influencers.
By default, interim results are included. By default, interim results are included.
`influencer_score`:: `influencer_score`::
(double) Returns influencers with anomaly scores higher than this value. (double) Returns influencers with anomaly scores greater or equal than this value.
`page`:: `page`::
`from`::: `from`:::
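Review bot: the `influencer_score` description still filters on "anomaly scores", which does not match the name of the parameter it documents. Since the line is being rewritten anyway, consider "Returns influencers with influencer scores greater than or equal to this value" so the text names the score the threshold applies to.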

@ -63,7 +63,7 @@ overall buckets with a span equal to the largest job's `bucket_span`.
By default, interim results are included. By default, interim results are included.
`overall_score`:: `overall_score`::
(double) Returns overall buckets with overall scores higher than this value. (double) Returns overall buckets with overall scores greater or equal than this value.
`start`:: `start`::
(string) Returns overall buckets with timestamps after this time. (string) Returns overall buckets with timestamps after this time.
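Review bot: the `start` line directly below the corrected `overall_score` text is left as "timestamps after this time", yet the example later in this file sends `"start": "1403532000000"` and gets back a bucket with `"timestamp" : 1403532000000`. That looks like an inclusive bound as well; please confirm and, if so, reword `start` in the same change so both filters are described consistently.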
@ -101,7 +101,7 @@ The following example gets overall buckets for jobs with IDs matching `job-*`:
-------------------------------------------------- --------------------------------------------------
GET _xpack/ml/anomaly_detectors/job-*/results/overall_buckets GET _xpack/ml/anomaly_detectors/job-*/results/overall_buckets
{ {
"overall_score": 90, "overall_score": 80,
"start": "1403532000000" "start": "1403532000000"
} }
-------------------------------------------------- --------------------------------------------------
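Review bot: with the threshold changed to `"overall_score": 80`, the request matches the bucket shown below only because that bucket scores exactly 80.0, so the example now sits on the boundary of the filter. That illustrates the greater-or-equal behaviour well, but the surrounding text never says so; add a sentence pointing it out, or choose a threshold clearly below the returned score.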
@ -109,7 +109,8 @@ GET _xpack/ml/anomaly_detectors/job-*/results/overall_buckets
// TEST[skip:todo] // TEST[skip:todo]
In this example, the API returns a single result that matches the specified In this example, the API returns a single result that matches the specified
score and time constraints: score and time constraints. The `overall_score` is the max job score as
`top_n` defaults to 1 when not specified:
[source,js] [source,js]
---- ----
{ {
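Review bot: the added sentence "The `overall_score` is the max job score as `top_n` defaults to 1 when not specified" is ambiguous because "as" can read as either "because" or "while". Suggest "The `overall_score` is the maximum job score because `top_n` defaults to `1` when it is not specified".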
@ -118,7 +119,52 @@ score and time constraints:
{ {
"timestamp" : 1403532000000, "timestamp" : 1403532000000,
"bucket_span" : 3600, "bucket_span" : 3600,
"overall_score" : 40.0, "overall_score" : 80.0,
"jobs" : [
{
"job_id" : "job-1",
"max_anomaly_score" : 30.0
},
{
"job_id" : "job-2",
"max_anomaly_score" : 10.0
},
{
"job_id" : "job-3",
"max_anomaly_score" : 80.0
}
],
"is_interim" : false,
"result_type" : "overall_bucket"
}
]
}
----
The next example is similar but this time `top_n` is set to `2`:
[source,js]
--------------------------------------------------
GET _xpack/ml/anomaly_detectors/job-*/results/overall_buckets
{
"top_n": 2,
"overall_score": 50.0,
"start": "1403532000000"
}
--------------------------------------------------
// CONSOLE
// TEST[skip:todo]
Note how the `overall_score` is now the average of the top 2 job scores:
[source,js]
----
{
"count": 1,
"overall_buckets": [
{
"timestamp" : 1403532000000,
"bucket_span" : 3600,
"overall_score" : 55.0,
"jobs" : [ "jobs" : [
{ {
"job_id" : "job-1", "job_id" : "job-1",

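Review bot: "Note how the `overall_score` is now the average of the top 2 job scores" leaves the reader to work out where 55.0 comes from. State the arithmetic, for example that the two highest `max_anomaly_score` values listed in the first response, 80.0 and 30.0, average to 55.0. The new request is marked `// TEST[skip:todo]`, so nothing checks these figures automatically. Minor: the first request passes `"overall_score": 80` and this one `"overall_score": 50.0`; use one numeric form in both.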
@ -36,7 +36,7 @@ The get records API enables you to retrieve anomaly records for a job.
(integer) Specifies the maximum number of records to obtain. (integer) Specifies the maximum number of records to obtain.
`record_score`:: `record_score`::
(double) Returns records with anomaly scores higher than this value. (double) Returns records with anomaly scores greater or equal than this value.
`sort`:: `sort`::
(string) Specifies the sort field for the requested records. (string) Specifies the sort field for the requested records.
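Review bot: the `record_score` description says "records with anomaly scores", which does not name the score the parameter is called after. Consider "Returns records with record scores greater than or equal to this value", which also replaces the "greater or equal than" phrasing.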