Creating machine learning jobsedit

Machine learning jobs contain the configuration information and metadata necessary to perform an analytics task.

Kibana provides the following wizards to make it easier to create jobs:

Create New Job

A single metric job is a simple job that contains a single detector. A detector defines the type of analysis that will occur and which fields to analyze. In addition to limiting the number of detectors, the single metric job creation wizard omits many of the more advanced configuration options.

A multi-metric job can contain more than one detector, which is more efficient than running multiple jobs against the same data.

A population job detects activity that is unusual compared to the behavior of the population. For more information, see Performing population analysis.

An advanced job can contain multiple detectors and enables you to configure all job settings.

Kibana can also recognize certain types of data and provide specialized wizards for that context. For example, if you use Filebeat to ship access logs from your Nginx and Apache HTTP servers to Elasticsearch, the following wizards appear:

A screenshot of the Apache and NGINX job creation wizards

If you are not certain which type of job to create, you can use the Data Visualizer to learn more about your data and to identify possible fields for machine learning analysis.

A screenshot of the Data Visualizer option when creating new jobs
  • If your index pattern does not contain a time field, you cannot use the Data Visualizer.
  • If your data is located outside of Elasticsearch, you cannot use Kibana to create your jobs and you cannot use datafeeds to retrieve your data in real time. Machine learning analysis is still possible, however, by using APIs to create and manage jobs and post data to them. For more information, see Machine Learning APIs.

Ready to get some hands-on experience? See Getting started with machine learning.

The following video tutorials also demonstrate single metric, multi-metric, and advanced jobs: