I’ve been playing around with the historical data anomaly detection released in 1.13.0. Really cool postmortem-style analysis of network traffic or whatever your application is.
I’ve noticed a few configuration options that exist in configuring real-time detectors and are missing from historical detectors:
- Data filter (under detector data source configuration)
- Category field for high cardinality (search for “cardinality” here)
Both of these (but particularly the category field) are, in my opinion, really essential pieces of the anomaly detector plugin. Does anybody here have any input on this as to why they are unavailable for historical data analysis? Is this something I should submit as an enhancement request on opendistro-for-elasticsearch/anomaly-detection or opendistro-for-elasticsearch/anomaly-detection-kibana-plugin or both?
Thanks,
SG