预览数据源 API
编辑预览数据源 API
编辑预览数据源。
请求
编辑GET _ml/datafeeds/<datafeed_id>/_preview
POST _ml/datafeeds/<datafeed_id>/_preview
GET _ml/datafeeds/_preview
POST _ml/datafeeds/_preview
描述
编辑预览数据源 API 返回数据源的第一“页”搜索结果。您可以预览现有数据源,或者在 API 中提供数据源和异常检测作业的配置详细信息。预览显示将传递给异常检测引擎的数据结构。
当启用 Elasticsearch 安全功能时,数据源查询会使用调用预览数据源 API 的用户的凭据进行预览。当数据源启动时,它会使用上次创建或更新它的用户的角色运行查询。如果两组角色不同,则预览可能无法准确反映数据源启动时将返回的内容。为避免此类问题,创建或更新数据源的同一用户应预览它,以确保它返回预期的数据。或者,使用辅助授权标头来提供凭据。
路径参数
编辑-
<datafeed_id> -
(可选,字符串)唯一标识数据源的数字字符串。此标识符可以包含小写字母数字字符(a-z 和 0-9)、连字符和下划线。它必须以字母数字字符开头和结尾。
如果将
<datafeed_id>作为路径参数提供,则无法在请求正文中提供数据源或异常检测作业配置详细信息。
查询参数
编辑-
end -
(可选,字符串)数据源预览应结束的时间。预览可能不会到达提供的值的末尾,因为只返回第一页结果。可以使用以下格式之一指定时间
- 带毫秒的 ISO 8601 格式,例如
2017-01-22T06:00:00.000Z - 不带毫秒的 ISO 8601 格式,例如
2017-01-22T06:00:00+00:00 - 自纪元以来的毫秒数,例如
1485061200000
使用任一 ISO 8601 格式的日期时间参数必须具有时区指示符,其中
Z被接受为 UTC 时间的缩写。当需要 URL 时(例如,在浏览器中),时区指示符中使用的
+必须编码为%2B。此值是排他的。
- 带毫秒的 ISO 8601 格式,例如
-
start - (可选,字符串)数据源预览应开始的时间,可以使用与
end参数相同的格式指定。此值是包含的。
如果您既不提供 start 参数也不提供 end 参数,则数据源预览将搜索整个时间段的数据,但会排除 cold 或 frozen 数据层中的数据。
请求正文
编辑-
datafeed_config - (可选,对象)要预览的数据源定义。有关有效定义,请参阅创建数据源 API。
-
job_config - (可选,对象)与数据源关联的异常检测作业的配置详细信息。如果
datafeed_config对象不包含引用现有异常检测作业的job_id,则必须提供此job_config对象。如果同时包含job_id和job_config,则使用后者的信息。除非同时提供datafeed_config对象,否则无法指定job_config对象。有关有效定义,请参阅创建异常检测作业 API。
示例
编辑这是提供现有数据源 ID 的示例
resp = client.ml.preview_datafeed(
datafeed_id="datafeed-high_sum_total_sales",
)
print(resp)
response = client.ml.preview_datafeed( datafeed_id: 'datafeed-high_sum_total_sales' ) puts response
const response = await client.ml.previewDatafeed({
datafeed_id: "datafeed-high_sum_total_sales",
});
console.log(response);
GET _ml/datafeeds/datafeed-high_sum_total_sales/_preview
此示例返回的数据如下
[
{
"order_date" : 1574294659000,
"category.keyword" : "Men's Clothing",
"customer_full_name.keyword" : "Sultan Al Benson",
"taxful_total_price" : 35.96875
},
{
"order_date" : 1574294918000,
"category.keyword" : [
"Women's Accessories",
"Women's Clothing"
],
"customer_full_name.keyword" : "Pia Webb",
"taxful_total_price" : 83.0
},
{
"order_date" : 1574295782000,
"category.keyword" : [
"Women's Accessories",
"Women's Shoes"
],
"customer_full_name.keyword" : "Brigitte Graham",
"taxful_total_price" : 72.0
}
]
以下示例在 API 中提供数据源和异常检测作业配置详细信息
resp = client.ml.preview_datafeed(
datafeed_config={
"indices": [
"kibana_sample_data_ecommerce"
],
"query": {
"bool": {
"filter": [
{
"term": {
"_index": "kibana_sample_data_ecommerce"
}
}
]
}
},
"scroll_size": 1000
},
job_config={
"description": "Find customers spending an unusually high amount in an hour",
"analysis_config": {
"bucket_span": "1h",
"detectors": [
{
"detector_description": "High total sales",
"function": "high_sum",
"field_name": "taxful_total_price",
"over_field_name": "customer_full_name.keyword"
}
],
"influencers": [
"customer_full_name.keyword",
"category.keyword"
]
},
"analysis_limits": {
"model_memory_limit": "10mb"
},
"data_description": {
"time_field": "order_date",
"time_format": "epoch_ms"
}
},
)
print(resp)
response = client.ml.preview_datafeed(
body: {
datafeed_config: {
indices: [
'kibana_sample_data_ecommerce'
],
query: {
bool: {
filter: [
{
term: {
_index: 'kibana_sample_data_ecommerce'
}
}
]
}
},
scroll_size: 1000
},
job_config: {
description: 'Find customers spending an unusually high amount in an hour',
analysis_config: {
bucket_span: '1h',
detectors: [
{
detector_description: 'High total sales',
function: 'high_sum',
field_name: 'taxful_total_price',
over_field_name: 'customer_full_name.keyword'
}
],
influencers: [
'customer_full_name.keyword',
'category.keyword'
]
},
analysis_limits: {
model_memory_limit: '10mb'
},
data_description: {
time_field: 'order_date',
time_format: 'epoch_ms'
}
}
}
)
puts response
const response = await client.ml.previewDatafeed({
datafeed_config: {
indices: ["kibana_sample_data_ecommerce"],
query: {
bool: {
filter: [
{
term: {
_index: "kibana_sample_data_ecommerce",
},
},
],
},
},
scroll_size: 1000,
},
job_config: {
description: "Find customers spending an unusually high amount in an hour",
analysis_config: {
bucket_span: "1h",
detectors: [
{
detector_description: "High total sales",
function: "high_sum",
field_name: "taxful_total_price",
over_field_name: "customer_full_name.keyword",
},
],
influencers: ["customer_full_name.keyword", "category.keyword"],
},
analysis_limits: {
model_memory_limit: "10mb",
},
data_description: {
time_field: "order_date",
time_format: "epoch_ms",
},
},
});
console.log(response);
POST _ml/datafeeds/_preview
{
"datafeed_config": {
"indices" : [
"kibana_sample_data_ecommerce"
],
"query" : {
"bool" : {
"filter" : [
{
"term" : {
"_index" : "kibana_sample_data_ecommerce"
}
}
]
}
},
"scroll_size" : 1000
},
"job_config": {
"description" : "Find customers spending an unusually high amount in an hour",
"analysis_config" : {
"bucket_span" : "1h",
"detectors" : [
{
"detector_description" : "High total sales",
"function" : "high_sum",
"field_name" : "taxful_total_price",
"over_field_name" : "customer_full_name.keyword"
}
],
"influencers" : [
"customer_full_name.keyword",
"category.keyword"
]
},
"analysis_limits" : {
"model_memory_limit" : "10mb"
},
"data_description" : {
"time_field" : "order_date",
"time_format" : "epoch_ms"
}
}
}
此示例返回的数据如下
[
{
"order_date" : 1574294659000,
"category.keyword" : "Men's Clothing",
"customer_full_name.keyword" : "Sultan Al Benson",
"taxful_total_price" : 35.96875
},
{
"order_date" : 1574294918000,
"category.keyword" : [
"Women's Accessories",
"Women's Clothing"
],
"customer_full_name.keyword" : "Pia Webb",
"taxful_total_price" : 83.0
},
{
"order_date" : 1574295782000,
"category.keyword" : [
"Women's Accessories",
"Women's Shoes"
],
"customer_full_name.keyword" : "Brigitte Graham",
"taxful_total_price" : 72.0
}
]