OpenSearch/docs/en/rest-api/ml/update-datafeed.asciidoc

158 lines
3.4 KiB
Plaintext

//lcawley Verified example output 2017-04
[[ml-update-datafeed]]
==== Update Data Feeds
The update data feed API enables you to update certain properties of a data feed.
===== Request
`POST _xpack/ml/datafeeds/<feed_id>/_update`
===== Description
You must have `manage_ml`, or `manage` cluster privileges to use this API.
For more information, see <<privileges-list-cluster>>.
===== Path Parameters
`feed_id` (required)::
(string) Identifier for the data feed
===== Request Body
The following properties can be updated after the data feed is created:
`aggregations`::
(object) TBD.
`chunking_config`::
(object) TBD.
For example: {"mode": "manual", "time_span": "30000000ms"}
`frequency`::
() TBD: For example: "150s"
`indexes` (required)::
(array) An array of index names. For example: ["it_ops_metrics"]
`job_id`::
(string) A numerical character string that uniquely identifies the job.
`query`::
(object) The query that retrieves the data.
By default, this property has the following value: `{"match_all": {"boost": 1}}`.
`query_delay`::
() TBD. For example: "60s"
`scroll_size`::
() TBD. For example, 1000
`types` (required)::
() TBD. For example: ["network","sql","kpi"]
For more information about these properties,
see <<ml-datafeed-resource, Data Feed Resources>>.
////
===== Responses
TBD
200
(EmptyResponse) The cluster has been successfully deleted
404
(BasicFailedReply) The cluster specified by {cluster_id} cannot be found (code: clusters.cluster_not_found)
412
(BasicFailedReply) The Elasticsearch cluster has not been shutdown yet (code: clusters.cluster_plan_state_error)
////
===== Examples
The following example updates the `it-ops-kpi` job:
[source,js]
--------------------------------------------------
POST _xpack/ml/datafeeds/datafeed-it-ops-kpi/_update
{
"query_delay": "60s",
"frequency": "150s",
"aggregations": {
"buckets": {
"date_histogram": {
"field": "@timestamp",
"interval": 30000,
"offset": 0,
"order": {
"_key": "asc"
},
"keyed": false,
"min_doc_count": 0
},
"aggregations": {
"events_per_min": {
"sum": {
"field": "events_per_min"
}
},
"@timestamp": {
"max": {
"field": "@timestamp"
}
}
}
}
},
"scroll_size": 1000,
"chunking_config": {
"mode": "manual",
"time_span": "30000000ms"
}
}
--------------------------------------------------
// CONSOLE
// TEST[skip:todo]
When the data feed is updated, you receive the following results:
[source,js]
----
{
"datafeed_id": "datafeed-it-ops-kpi",
"job_id": "it-ops-kpi",
"query_delay": "60s",
"frequency": "150s",
...
"aggregations": {
"buckets": {
"date_histogram": {
"field": "@timestamp",
"interval": 30000,
"offset": 0,
"order": {
"_key": "asc"
},
"keyed": false,
"min_doc_count": 0
},
"aggregations": {
"events_per_min": {
"sum": {
"field": "events_per_min"
}
},
"@timestamp": {
"max": {
"field": "@timestamp"
}
}
}
}
},
"scroll_size": 1000,
"chunking_config": {
"mode": "manual",
"time_span": "30000000ms"
}
}
----