diff --git a/docs/redirects.asciidoc b/docs/redirects.asciidoc index 43013e8c954f89..8e51fa1158d3d4 100644 --- a/docs/redirects.asciidoc +++ b/docs/redirects.asciidoc @@ -29,3 +29,8 @@ This page has moved. Please see {stack-ov}/create-jobs.html[Creating {anomaly-jo == Machine learning job tips This page has moved. Please see {stack-ov}/job-tips.html[Machine learning job tips]. + +[role="exclude",id="extend"] +== Extend your use case + +This page was deleted. See <> and <>. diff --git a/docs/user/extend.asciidoc b/docs/user/extend.asciidoc deleted file mode 100644 index c658731ce3c3db..00000000000000 --- a/docs/user/extend.asciidoc +++ /dev/null @@ -1,15 +0,0 @@ -[[extend]] -= Extend your use case - -[partintro] --- -//TBD - -* <> -* <> - --- - -include::graph/index.asciidoc[] - -include::ml/index.asciidoc[] diff --git a/docs/user/graph/configuring-graph.asciidoc b/docs/user/graph/configuring-graph.asciidoc index fa5fe1613a266d..b9f08331646b04 100644 --- a/docs/user/graph/configuring-graph.asciidoc +++ b/docs/user/graph/configuring-graph.asciidoc @@ -1,6 +1,6 @@ [role="xpack"] [[graph-configuration]] -=== Configuring Graph +== Configuring Graph When a user saves a graph workspace in Kibana, it is stored in the `.kibana` index along with other saved objects like visualizations and dashboards. @@ -49,7 +49,7 @@ explicitly selects the include data option. [float] [[disable-drill-down]] -==== Disabling drill down configuration +=== Disabling drill down configuration By default, users can configure _drill down_ URLs to display additional information about a selected vertex in a new browser window. For example, diff --git a/docs/user/graph/getting-started.asciidoc b/docs/user/graph/getting-started.asciidoc index dd5e8527c8976f..19f3df341338ec 100644 --- a/docs/user/graph/getting-started.asciidoc +++ b/docs/user/graph/getting-started.asciidoc @@ -1,6 +1,6 @@ [role="xpack"] [[graph-getting-started]] -=== Using Graph +== Using Graph Graph is automatically enabled in {es} and {kib}. diff --git a/docs/user/graph/index.asciidoc b/docs/user/graph/index.asciidoc index 9ca7b0e4b1a4a4..f9094f5b594b10 100644 --- a/docs/user/graph/index.asciidoc +++ b/docs/user/graph/index.asciidoc @@ -1,7 +1,9 @@ [role="xpack"] [[xpack-graph]] -== Graph data connections += Graph data connections +[partintro] +-- The {graph-features} enable you to discover how items in an Elasticsearch index are related. You can explore the connections between indexed terms and see which connections are the most meaningful. This can be @@ -17,9 +19,9 @@ and an interactive graph visualization tool for Kibana. Both work out of the box with existing Elasticsearch indices--you don't need to store any additional data to use these features. +[discrete] [[how-graph-works]] -[float] -=== How Graph works +== How Graph works The graph API provides an alternative way to extract and summarize information about the documents and terms in your Elasticsearch index. A _graph_ is really just a network of related items. In our case, this means a network of related @@ -62,6 +64,7 @@ multi-node clusters and scales with your Elasticsearch deployment. Advanced options let you control how your data is sampled and summarized. You can also set timeouts to prevent graph queries from adversely affecting the cluster. +-- include::getting-started.asciidoc[] diff --git a/docs/user/graph/limitations.asciidoc b/docs/user/graph/limitations.asciidoc index b40f15000483ad..e96910bd27b4c0 100644 --- a/docs/user/graph/limitations.asciidoc +++ b/docs/user/graph/limitations.asciidoc @@ -1,12 +1,12 @@ [role="xpack"] [[graph-limitations]] -=== Graph limitations +== Graph limitations ++++ Limitations ++++ -[float] -==== Limited support for multiple indices +[discrete] +=== Limited support for multiple indices The graph API can explore multiple indices, types, or aliases in a single API request, but the assumption is that each "hop" it performs is querying the same set of indices. Currently, it is not possible to diff --git a/docs/user/graph/troubleshooting.asciidoc b/docs/user/graph/troubleshooting.asciidoc index 7a87aba7b7f813..ff3568ed41afa2 100644 --- a/docs/user/graph/troubleshooting.asciidoc +++ b/docs/user/graph/troubleshooting.asciidoc @@ -1,12 +1,12 @@ [role="xpack"] [[graph-troubleshooting]] -=== Graph Troubleshooting +== Graph Troubleshooting ++++ Troubleshooting ++++ -[float] -==== Why are results missing? +[discrete] +=== Why are results missing? The default settings in Graph API requests are configured to tune out noisy results by using the following strategies: @@ -29,8 +29,8 @@ of any statistical correlation with the sample. * Set the `min_doc_count` for your vertices to 1 to ensure only one document is required to assert a relationship. -[float] -==== What can I do to to improve performance? +[discrete] +=== What can I do to to improve performance? With the default setting of `use_significance` set to `true`, the Graph API performs a background frequency check of the terms it discovers as part of diff --git a/docs/user/index.asciidoc b/docs/user/index.asciidoc index a806ad007b37f2..3df5056dac57b9 100644 --- a/docs/user/index.asciidoc +++ b/docs/user/index.asciidoc @@ -16,7 +16,9 @@ include::dashboard.asciidoc[] include::canvas.asciidoc[] -include::extend.asciidoc[] +include::graph/index.asciidoc[] + +include::ml/index.asciidoc[] include::{kib-repo-dir}/maps/index.asciidoc[] diff --git a/docs/user/ml/index.asciidoc b/docs/user/ml/index.asciidoc index 79aa6964c11fdf..9be846db9cec3a 100644 --- a/docs/user/ml/index.asciidoc +++ b/docs/user/ml/index.asciidoc @@ -1,17 +1,14 @@ [role="xpack"] [[xpack-ml]] -== {ml-cap} += {ml-cap} +[partintro] +-- As datasets increase in size and complexity, the human effort required to inspect dashboards or maintain rules for spotting infrastructure problems, -cyber attacks, or business issues becomes impractical. The Elastic {ml} -{anomaly-detect} feature automatically model the normal behavior of your time -series data — learning trends, periodicity, and more — in real time to identify -anomalies, streamline root cause analysis, and reduce false positives. - -{anomaly-detect-cap} run in and scale with {es}, and include an -intuitive UI on the {kib} *Machine Learning* page for creating {anomaly-jobs} -and understanding results. +cyber attacks, or business issues becomes impractical. Elastic {ml-features} +such as {anomaly-detect} make it easier to notice suspicious activities with +minimal human interference. If you have a basic license, you can use the *Data Visualizer* to learn more about your data. In particular, if your data is stored in {es} and contains a @@ -25,9 +22,21 @@ experimental[] You can also upload a CSV, NDJSON, or log file (up to 100 MB in s The *Data Visualizer* identifies the file format and field mappings. You can then optionally import that data into an {es} index. -If you have a trial or platinum license, you can -create {anomaly-jobs} and manage jobs and {dfeeds} from the *Job -Management* pane: +-- + +[role="xpack"] +[[xpack-ml-anomalies]] +== {anomaly-detect-cap} + +The Elastic {ml} {anomaly-detect} feature automatically model the normal +behavior of your time series data — learning trends, periodicity, and more — in +real time to identify anomalies, streamline root cause analysis, and reduce +false positives. {anomaly-detect-cap} run in and scale with {es}, and include an +intuitive UI on the {kib} *Machine Learning* page for creating {anomaly-jobs} +and understanding results. + +If you have a license that includes the {ml} features, you can create +{anomaly-jobs} and manage jobs and {dfeeds} from the *Job Management* pane: [role="screenshot"] image::user/ml/images/ml-job-management.jpg[Job Management]