Package co.elastic.clients.elasticsearch.ml

Class Anomaly.Builder

java.lang.Object
co.elastic.clients.util.ObjectBuilderBase
co.elastic.clients.util.WithJsonObjectBuilderBase<Anomaly.Builder>
co.elastic.clients.elasticsearch.ml.Anomaly.Builder
All Implemented Interfaces:
WithJson<Anomaly.Builder>, ObjectBuilder<Anomaly>
Enclosing class:
Anomaly
public static class Anomaly.Builder extends WithJsonObjectBuilderBase<Anomaly.Builder> implements ObjectBuilder<Anomaly>
Builder for Anomaly.

  • Constructor Details

    • Builder

      public Builder()

  • Method Details

    • actual

      public final Anomaly.Builder actual(List<Double> list)
      The actual value for the bucket.

      API name: actual

      Adds all elements of list to actual.

    • actual

      public final Anomaly.Builder actual(Double value, Double... values)
      The actual value for the bucket.

      API name: actual

      Adds one or more values to actual.

    • anomalyScoreExplanation

      public final Anomaly.Builder anomalyScoreExplanation(@Nullable AnomalyExplanation value)
      Information about the factors impacting the initial anomaly score.

      API name: anomaly_score_explanation

    • anomalyScoreExplanation

      public final Anomaly.Builder anomalyScoreExplanation(Function<AnomalyExplanation.Builder,ObjectBuilder<AnomalyExplanation>> fn)
      Information about the factors impacting the initial anomaly score.

      API name: anomaly_score_explanation

    • bucketSpan

      public final Anomaly.Builder bucketSpan(long value)
      Required - The length of the bucket in seconds. This value matches the bucket_span that is specified in the job.

      API name: bucket_span

    • byFieldName

      public final Anomaly.Builder byFieldName(@Nullable String value)
      The field used to split the data. In particular, this property is used for analyzing the splits with respect to their own history. It is used for finding unusual values in the context of the split.

      API name: by_field_name

    • byFieldValue

      public final Anomaly.Builder byFieldValue(@Nullable String value)
      The value of by_field_name.

      API name: by_field_value

    • causes

      public final Anomaly.Builder causes(List<AnomalyCause> list)
      For population analysis, an over field must be specified in the detector. This property contains an array of anomaly records that are the causes for the anomaly that has been identified for the over field. This sub-resource contains the most anomalous records for the over_field_name. For scalability reasons, a maximum of the 10 most significant causes of the anomaly are returned. As part of the core analytical modeling, these low-level anomaly records are aggregated for their parent over field record. The causes resource contains similar elements to the record resource, namely actual, typical, geo_results.actual_point, geo_results.typical_point, *_field_name and *_field_value. Probability and scores are not applicable to causes.

      API name: causes

      Adds all elements of list to causes.

    • causes

      public final Anomaly.Builder causes(AnomalyCause value, AnomalyCause... values)
      For population analysis, an over field must be specified in the detector. This property contains an array of anomaly records that are the causes for the anomaly that has been identified for the over field. This sub-resource contains the most anomalous records for the over_field_name. For scalability reasons, a maximum of the 10 most significant causes of the anomaly are returned. As part of the core analytical modeling, these low-level anomaly records are aggregated for their parent over field record. The causes resource contains similar elements to the record resource, namely actual, typical, geo_results.actual_point, geo_results.typical_point, *_field_name and *_field_value. Probability and scores are not applicable to causes.

      API name: causes

      Adds one or more values to causes.

    • causes

      public final Anomaly.Builder causes(Function<AnomalyCause.Builder,ObjectBuilder<AnomalyCause>> fn)
      For population analysis, an over field must be specified in the detector. This property contains an array of anomaly records that are the causes for the anomaly that has been identified for the over field. This sub-resource contains the most anomalous records for the over_field_name. For scalability reasons, a maximum of the 10 most significant causes of the anomaly are returned. As part of the core analytical modeling, these low-level anomaly records are aggregated for their parent over field record. The causes resource contains similar elements to the record resource, namely actual, typical, geo_results.actual_point, geo_results.typical_point, *_field_name and *_field_value. Probability and scores are not applicable to causes.

      API name: causes

      Adds a value to causes using a builder lambda.

    • detectorIndex

      public final Anomaly.Builder detectorIndex(int value)
      Required - A unique identifier for the detector.

      API name: detector_index

    • fieldName

      public final Anomaly.Builder fieldName(@Nullable String value)
      Certain functions require a field to operate on, for example, sum(). For those functions, this value is the name of the field to be analyzed.

      API name: field_name

    • function

      public final Anomaly.Builder function(@Nullable String value)
      The function in which the anomaly occurs, as specified in the detector configuration. For example, max.

      API name: function

    • functionDescription

      public final Anomaly.Builder functionDescription(@Nullable String value)
      The description of the function in which the anomaly occurs, as specified in the detector configuration.

      API name: function_description

    • geoResults

      public final Anomaly.Builder geoResults(@Nullable GeoResults value)
      If the detector function is lat_long, this object contains comma delimited strings for the latitude and longitude of the actual and typical values.

      API name: geo_results

    • geoResults

      public final Anomaly.Builder geoResults(Function<GeoResults.Builder,ObjectBuilder<GeoResults>> fn)
      If the detector function is lat_long, this object contains comma delimited strings for the latitude and longitude of the actual and typical values.

      API name: geo_results

    • influencers

      public final Anomaly.Builder influencers(List<Influence> list)
      If influencers were specified in the detector configuration, this array contains influencers that contributed to or were to blame for an anomaly.

      API name: influencers

      Adds all elements of list to influencers.

    • influencers

      public final Anomaly.Builder influencers(Influence value, Influence... values)
      If influencers were specified in the detector configuration, this array contains influencers that contributed to or were to blame for an anomaly.

      API name: influencers

      Adds one or more values to influencers.

    • influencers

      public final Anomaly.Builder influencers(Function<Influence.Builder,ObjectBuilder<Influence>> fn)
      If influencers were specified in the detector configuration, this array contains influencers that contributed to or were to blame for an anomaly.

      API name: influencers

      Adds a value to influencers using a builder lambda.

    • initialRecordScore

      public final Anomaly.Builder initialRecordScore(double value)
      Required - A normalized score between 0-100, which is based on the probability of the anomalousness of this record. This is the initial value that was calculated at the time the bucket was processed.

      API name: initial_record_score

    • isInterim

      public final Anomaly.Builder isInterim(boolean value)
      Required - If true, this is an interim result. In other words, the results are calculated based on partial input data.

      API name: is_interim

    • jobId

      public final Anomaly.Builder jobId(String value)
      Required - Identifier for the anomaly detection job.

      API name: job_id

    • overFieldName

      public final Anomaly.Builder overFieldName(@Nullable String value)
      The field used to split the data. In particular, this property is used for analyzing the splits with respect to the history of all splits. It is used for finding unusual values in the population of all splits.

      API name: over_field_name

    • overFieldValue

      public final Anomaly.Builder overFieldValue(@Nullable String value)
      The value of over_field_name.

      API name: over_field_value

    • partitionFieldName

      public final Anomaly.Builder partitionFieldName(@Nullable String value)
      The field used to segment the analysis. When you use this property, you have completely independent baselines for each value of this field.

      API name: partition_field_name

    • partitionFieldValue

      public final Anomaly.Builder partitionFieldValue(@Nullable String value)
      The value of partition_field_name.

      API name: partition_field_value

    • probability

      public final Anomaly.Builder probability(double value)
      Required - The probability of the individual anomaly occurring, in the range 0 to 1. For example, 0.0000772031. This value can be held to a high precision of over 300 decimal places, so the record_score is provided as a human-readable and friendly interpretation of this.

      API name: probability

    • recordScore

      public final Anomaly.Builder recordScore(double value)
      Required - A normalized score between 0-100, which is based on the probability of the anomalousness of this record. Unlike initial_record_score, this value will be updated by a re-normalization process as new data is analyzed.

      API name: record_score

    • resultType

      public final Anomaly.Builder resultType(String value)
      Required - Internal. This is always set to record.

      API name: result_type

    • timestamp

      public final Anomaly.Builder timestamp(long value)
      Required - The start time of the bucket for which these results were calculated.

      API name: timestamp

    • typical

      public final Anomaly.Builder typical(List<Double> list)
      The typical value for the bucket, according to analytical modeling.

      API name: typical

      Adds all elements of list to typical.

    • typical

      public final Anomaly.Builder typical(Double value, Double... values)
      The typical value for the bucket, according to analytical modeling.

      API name: typical

      Adds one or more values to typical.

    • self

      protected Anomaly.Builder self()
      Specified by:
      self in class WithJsonObjectBuilderBase<Anomaly.Builder>

    • build

      public Anomaly build()
      Builds a Anomaly.
      Specified by:
      build in interface ObjectBuilder<Anomaly>
      Throws:
      NullPointerException - if some of the required fields are null.