[ML] Allow "no timestamp" to be specified as the timestamp format in file upload #146700
Comments
droberts195
added
enhancement
|
Pinging @elastic/ml-ui (:ml) |
|
When analysing a semi structured text file with no timestamps, I get an error saying no timestamp could be found. If I then run analysis again, setting
As it is now, the UI user has to manually run the analysis again. The UI could look out for this error and attempt a run with |
The problem is, 9 times out of 10 a semi-structured log file will have a timestamp but we just didn't detect it. Assuming each line in the file is a separate message will always work, but will look very stupid to a user who can see the timestamp in a format that makes complete sense to them but was missed by our timestamp detection. |
Adds a checkbox to the overrides flyout to allow the user to tell the find structure endpoint that the data does not contain a time field.  If the original analysis of the data does not find a time field, this checkbox is unchecked by default. Closes #146700 Also removes the jest snapshot test for the override flyout as it isn't very useful.
In elastic/elasticsearch#90764 we added the ability to specify
nullas the timestamp format override in the file structure finder endpoint.The file data visualizer/file upload in Kibana can now be enhanced to make this option available. If a user chooses to add overrides then specifying "there is no timestamp" should be an alternative to overriding the timestamp format and if the user selects this then
timestamp_format=nullshould be passed as an argument the next time the file structure finder endpoint is called.Relates to #63526
The text was updated successfully, but these errors were encountered: