Define Anomaly Detection Machine Learning Jobs in Kibana 7.6

2.5 hours
  • 3 Learning Objectives

About this Hands-on Lab

Through the use of unsupervised statistical anomaly detection algorithms, Kibana manages to convert the mystery of machine learning (ML) into an easy-to-use and understandable interface from which machine learning jobs can be created and analyzed without a deep knowledge of how they work. In this hands-on lab, you will get to create and analyze the results of various machine learning jobs in Kibana to find hidden anomalies in the data.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create and Run the flights ML Job
  1. Create a single metric anomaly detection machine learning job for the flights index pattern.
  2. Use the full flights data as the time range.
  3. Configure the job to analyze the count of flights.
  4. Configure the bucket span to be the Estimate bucket span output.
  5. Set the job ID to "flights".
  6. Create and configure the job to run in real time.
Create and Run the flights-delayed ML Job
  1. Create a multi metric anomaly detection machine learning job for the flights index pattern.
  2. Use the full flights data as the time range.
  3. Configure the job to analyze the high count of flights and the high sum of FlightDelayMin for each FlightDelayType.
  4. Configure the bucket span to be the Estimate bucket span output.
  5. Configure the job to ignore sparse data.
  6. Set the job ID to "flights-delayed".
  7. Create and configure the job to run in real time.
Create and Run the flights-ticket-price ML Job
  1. Create a new population anomaly detection machine learning job for the flights index pattern.
  2. Use the full flights data as the time range.
  3. Configure the job to analyze the average (mean) of AvgTicketPrice for the population of Carrier.
  4. Configure the bucket span to be the Estimate bucket span output.
  5. Set the job ID to "flights-ticket-price".
  6. Create and configure the job to run in real time.

Additional Resources

You work as a data analyst for the Federal Aviation Administration (FAA). You have been tasked with creating the following anomaly detection machine learning jobs in Kibana to help spot potential issues in real time:

Create and Run the flights Job

  • Create a single metric anomaly detection machine learning job for the flights index pattern.
  • Use the full flights data as the time range.
  • Configure the job to analyze the count of flights.
  • Configure the bucket span to be the Estimate bucket span output.
  • Set the job ID to "flights".
  • Create and configure the job to run in real time.

Create and Run the flights-delayed Job

  • Create a multi metric anomaly detection machine learning job for the flights index pattern.
  • Use the full flights data as the time range.
  • Configure the job to analyze the high count of flights and the high sum of FlightDelayMin for each FlightDelayType.
  • Configure the bucket span to be the Estimate bucket span output.
  • Configure the job to ignore sparse data.
  • Set the job ID to "flights-delayed".
  • Create and configure the job to run in real time.

Create and Run the flights-ticket-price Job

  • Create a new population anomaly detection machine learning job for the flights index pattern.
  • Use the full flights data as the time range.
  • Configure the job to analyze the average (mean) of AvgTicketPrice for the population of Carrier.
  • Configure the bucket span to be the Estimate bucket span output.
  • Set the job ID to "flights-ticket-price".
  • Create and configure the job to run in real time.

Your lab node has a Kibana instance, which can be accessed in your local web browser by navigating to the public IP address of the lab node over port 8080 (for example, http://public_ip:8080). To log in, use the elastic user with the password elastic_acg.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?