Machine learning jobs contain the configuration information and metadata necessary to perform an analytics task.
{kib} provides the following wizards to make it easier to create jobs:
A single metric job is a simple job that contains a single detector. A detector defines the type of analysis that will occur and which fields to analyze. In addition to limiting the number of detectors, the single metric job creation wizard omits many of the more advanced configuration options.
A multi-metric job can contain more than one detector, which is more efficient than running multiple jobs against the same data.
A population job detects activity that is unusual compared to the behavior of the population. For more information, see {stack-ov}/ml-configuring-pop.html[Performing population analysis].
An advanced job can contain multiple detectors and enables you to configure all job settings.
{kib} can also recognize certain types of data and provide specialized wizards for that context. For example, if you use {filebeat-ref}/index.html[{filebeat}] to ship access logs from your Nginx and Apache HTTP servers to {es} and store it using fields and datatypes from the {ecs-ref}/ecs-reference.html[Elastic Common Schema (ECS)], the following wizards appear:
Likewise, if you use {auditbeat-ref}/index.html[{auditbeat}] to audit process activity on your systems, the following wizards appear:
These wizards create {ml} jobs, dashboards, searches, and visualizations that are customized to help you analyze your {auditbeat} and {filebeat} data.
If you are not certain which type of job to create, you can use the Data Visualizer to learn more about your data and to identify possible fields for {ml} analysis.
|
Note
|
|
Ready to get some hands-on experience? See {stack-ov}/ml-getting-started.html[Getting Started with Machine Learning].
The following video tutorials also demonstrate single metric, multi-metric, and advanced jobs: