NOTE: You are looking at documentation for an older release. For the latest information, see the current release documentation.

« Get filters API Open jobs API »
Elastic Docs Elasticsearch Guide [6.8] X-Pack APIs Machine learning APIs

Get records API

edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

Get records API

edit

Retrieves anomaly records for a job.

Request

edit

GET _xpack/ml/anomaly_detectors/<job_id>/results/records

Path Parameters

edit
job_id
(string) Identifier for the job.

Request Body

edit
desc
(boolean) If true, the results are sorted in descending order.
end
(string) Returns records with timestamps earlier than this time.
exclude_interim
(boolean) If true, the output excludes interim results. By default, interim results are included.
page
from
(integer) Skips the specified number of records.
size
(integer) Specifies the maximum number of records to obtain.
record_score
(double) Returns records with anomaly scores greater or equal than this value.
sort
(string) Specifies the sort field for the requested records. By default, the records are sorted by the anomaly_score value.
start
(string) Returns records with timestamps after this time.

Results

edit

The API returns the following information:

records
(array) An array of record objects. For more information, see Records.

Authorization

edit

You must have monitor_ml, monitor, manage_ml, or manage cluster privileges to use this API. You also need read index privilege on the index that stores the results. The machine_learning_admin and machine_learning_user roles provide these privileges. For more information, see Security privileges and Built-in roles.

Examples

edit

The following example gets record information for the it-ops-kpi job:

GET _xpack/ml/anomaly_detectors/it-ops-kpi/results/records
{
  "sort": "record_score",
  "desc": true,
  "start": "1454944100000"
}

In this example, the API returns twelve results for the specified time constraints:

{
  "count": 12,
  "records": [
    {
      "job_id": "it-ops-kpi",
      "result_type": "record",
      "probability": 0.00000332668,
      "record_score": 72.9929,
      "initial_record_score": 65.7923,
      "bucket_span": 300,
      "detector_index": 0,
      "is_interim": false,
      "timestamp": 1454944200000,
      "function": "low_sum",
      "function_description": "sum",
      "typical": [
        1806.48
      ],
      "actual": [
        288
      ],
      "field_name": "events_per_min"
    },
  ...
  ]
}
« Get filters API Open jobs API »