Get anomaly detection job results for categories Added in 5.4.0

POST /_ml/anomaly_detectors/{job_id}/results/categories/{category_id}

Path parameters

  • job_id string Required

    Identifier for the anomaly detection job.

  • category_id string Required

    Identifier for the category, which is unique in the job. If you specify neither the category ID nor the partition_field_value, the API returns information about all categories. If you specify only the partition_field_value, it returns information about all categories for the specified partition.

Query parameters

  • from number

    Skips the specified number of categories.

  • partition_field_value string

    Only return categories for the specified partition.

  • size number

    Specifies the maximum number of categories to obtain.

application/json

Body

  • page object

    Additional properties are allowed.

    Hide page attributes Show page attributes object
    • from number

      Skips the specified number of items.

    • size number

      Specifies the maximum number of items to obtain.

Responses

  • 200 application/json
    Hide response attributes Show response attributes object
    • categories array[object] Required
      Hide categories attributes Show categories attributes object
      • category_id number Required
      • examples array[string] Required

        A list of examples of actual values that matched the category.

      • grok_pattern string
      • job_id string Required
      • max_matching_length number Required
      • partition_field_name string

        If per-partition categorization is enabled, this property identifies the field used to segment the categorization. It is not present when per-partition categorization is disabled.

      • partition_field_value string

        If per-partition categorization is enabled, this property identifies the value of the partition_field_name for the category. It is not present when per-partition categorization is disabled.

      • regex string Required

        A regular expression that is used to search for values that match the category.

      • terms string Required

        A space separated list of the common tokens that are matched in values of the category.

      • num_matches number

        The number of messages that have been matched by this category. This is only guaranteed to have the latest accurate count after a job _flush or _close

      • preferred_to_categories array[string]

        A list of category_id entries that this current category encompasses. Any new message that is processed by the categorizer will match against this category and not any of the categories in this list. This is only guaranteed to have the latest accurate list of categories after a job _flush or _close

      • p string
      • result_type string Required
      • mlcategory string Required
    • count number Required
POST /_ml/anomaly_detectors/{job_id}/results/categories/{category_id} 
curl \
 -X POST http://api.example.com/_ml/anomaly_detectors/{job_id}/results/categories/{category_id} \
 -H "Content-Type: application/json" \
 -d '{"page":{"from":42.0,"size":42.0}}'
Request examples 
{
  "page": {
    "from": 42.0,
    "size": 42.0
  }
}
Response examples (200) 
{
  "categories": [
    {
      "category_id": 42.0,
      "examples": [
        "string"
      ],
      "grok_pattern": "string",
      "job_id": "string",
      "max_matching_length": 42.0,
      "partition_field_name": "string",
      "partition_field_value": "string",
      "regex": "string",
      "terms": "string",
      "num_matches": 42.0,
      "preferred_to_categories": [
        "string"
      ],
      "p": "string",
      "result_type": "string",
      "mlcategory": "string"
    }
  ],
  "count": 42.0
}