117 lines
2.4 KiB
Plaintext
117 lines
2.4 KiB
Plaintext
[[ml-put-datafeed]]
|
|
==== Create Data Feeds
|
|
|
|
The create data feed API enables you to instantiate a data feed.
|
|
|
|
===== Request
|
|
|
|
`PUT _xpack/ml/datafeeds/<feed_id>`
|
|
|
|
|
|
===== Description
|
|
|
|
You must create a job before you create a data feed. You can associate only one
|
|
data feed to each job.
|
|
|
|
===== Path Parameters
|
|
|
|
`feed_id` (required)::
|
|
(+string+) A numerical character string that uniquely identifies the data feed.
|
|
|
|
===== Request Body
|
|
|
|
aggregations::
|
|
(+object+) TBD. For example: {"@timestamp": {"histogram": {"field": "@timestamp",
|
|
"interval": 30000,"offset": 0,"order": {"_key": "asc"},"keyed": false,
|
|
"min_doc_count": 0}, "aggregations": {"events_per_min": {"sum": {
|
|
"field": "events_per_min"}}}}}
|
|
|
|
frequency::
|
|
TBD: For example: "150s"
|
|
|
|
indexes (required)::
|
|
(+array+) An array of index names. For example: ["it_ops_metrics"]
|
|
|
|
job_id (required)::
|
|
(+string+) A numerical character string that uniquely identifies the job.
|
|
|
|
query::
|
|
(+object+) The query that retrieves the data.
|
|
By default, this property has the following value: `{"match_all": {"boost": 1}}`.
|
|
|
|
query_delay::
|
|
TBD. For example: "60s"
|
|
|
|
scroll_size::
|
|
TBD. For example, 1000
|
|
|
|
types (required)::
|
|
TBD. For example: ["network","sql","kpi"]
|
|
|
|
For more information about these properties,
|
|
see <<ml-datafeed-resource, Data Feed Resources>>.
|
|
|
|
////
|
|
===== Responses
|
|
|
|
TBD
|
|
200
|
|
(EmptyResponse) The cluster has been successfully deleted
|
|
404
|
|
(BasicFailedReply) The cluster specified by {cluster_id} cannot be found (code: clusters.cluster_not_found)
|
|
412
|
|
(BasicFailedReply) The Elasticsearch cluster has not been shutdown yet (code: clusters.cluster_plan_state_error)
|
|
|
|
////
|
|
===== Examples
|
|
|
|
The following example creates the `datafeed-it-ops-kpi` data feed:
|
|
|
|
[source,js]
|
|
--------------------------------------------------
|
|
PUT _xpack/ml/datafeeds/datafeed-it-ops-kpi
|
|
{
|
|
"job_id": "it-ops-kpi",
|
|
"query":
|
|
{
|
|
"match_all":
|
|
{
|
|
"boost": 1
|
|
}
|
|
},
|
|
"indexes": [
|
|
"it_ops_metrics"
|
|
],
|
|
"types": [
|
|
"kpi",
|
|
"sql",
|
|
"network"
|
|
]
|
|
}
|
|
--------------------------------------------------
|
|
// CONSOLE
|
|
// TEST[skip:todo]
|
|
|
|
When the data feed is created, you receive the following results:
|
|
----
|
|
{
|
|
"datafeed_id": "datafeed-it-ops-kpi",
|
|
"job_id": "it-ops-kpi",
|
|
"query_delay": "1m",
|
|
"indexes": [
|
|
"it_ops_metrics"
|
|
],
|
|
"types": [
|
|
"kpi",
|
|
"sql",
|
|
"network"
|
|
],
|
|
"query": {
|
|
"match_all": {
|
|
"boost": 1
|
|
}
|
|
},
|
|
"scroll_size": 1000
|
|
}
|
|
----
|