Skip to content

Commit

Permalink
[7.x] [Logs UI] Use fields API in log analysis results (#77147) (#78031)
Browse files Browse the repository at this point in the history
Co-authored-by: Elastic Machine <[email protected]>

Co-authored-by: Elastic Machine <[email protected]>
  • Loading branch information
Alejandro Fernández Gómez and elasticmachine authored Sep 22, 2020
1 parent 9c75cf7 commit 30896ac
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 17 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -262,18 +262,18 @@ async function fetchLogEntryAnomalies(
bucket_span: duration,
timestamp: anomalyStartTime,
by_field_value: categoryId,
} = result._source;
} = result.fields;

return {
id: result._id,
anomalyScore,
dataset,
anomalyScore: anomalyScore[0],
dataset: dataset[0],
typical: typical[0],
actual: actual[0],
jobId: job_id,
startTime: anomalyStartTime,
duration: duration * 1000,
categoryId,
jobId: job_id[0],
startTime: parseInt(anomalyStartTime[0], 10),
duration: duration[0] * 1000,
categoryId: categoryId?.[0],
};
});

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,13 +46,16 @@ export const createLogEntryAnomaliesQuery = (
...createDatasetsFilters(datasets),
];

const sourceFields = [
const fields = [
'job_id',
'record_score',
'typical',
'actual',
'partition_field_value',
'timestamp',
{
field: 'timestamp',
format: 'epoch_millis',
},
'bucket_span',
'by_field_value',
];
Expand All @@ -75,7 +78,8 @@ export const createLogEntryAnomaliesQuery = (
search_after: queryCursor,
sort: sortOptions,
size: pageSize,
_source: sourceFields,
_source: false,
fields,
},
};

Expand All @@ -84,18 +88,18 @@ export const createLogEntryAnomaliesQuery = (

export const logEntryAnomalyHitRT = rt.type({
_id: rt.string,
_source: rt.intersection([
fields: rt.intersection([
rt.type({
job_id: rt.string,
record_score: rt.number,
job_id: rt.array(rt.string),
record_score: rt.array(rt.number),
typical: rt.array(rt.number),
actual: rt.array(rt.number),
partition_field_value: rt.string,
bucket_span: rt.number,
timestamp: rt.number,
partition_field_value: rt.array(rt.string),
bucket_span: rt.array(rt.number),
timestamp: rt.array(rt.string),
}),
rt.partial({
by_field_value: rt.string,
by_field_value: rt.array(rt.string),
}),
]),
sort: rt.tuple([rt.union([rt.string, rt.number]), rt.union([rt.string, rt.number])]),
Expand Down

0 comments on commit 30896ac

Please sign in to comment.