How to Dynamically save model name using a column ...

bhavesh0124 · ‎08-22-2023

Hi I have the following query for training a model. However, I want to save my model name using a single column value that comes from a lookup. In a nutshell, I want to save the model name dynamically.

index = "Abc"
fields Days, Count, Target
| sample partitions=100
| appendpipe
[ | search partition_number < 90 | fields - partition_number
| fit DecisionTreeRegressor "target" from * splitter=best into "model_name" apply=false ]

So currently the model name is "model_name" but I want it to come from a lookup, where there is single column and a single value.

@niketn @gcusello

bhavesh0124 · ‎08-28-2023

That worked! Thanks a lot

etoombs · ‎08-25-2023

I've never tried to make a model name dynamically, but have done it with outputlookup - maybe you can do something similar?

| outputlookup
[| makeresults
| eval filename=strftime(relative_time(relative_time(now(),"-1mon@mon"), "@m"), "filename_%B_%Y.csv")
| return $filename]

Something like:

How to Dynamically save model name using a column value?

eval

field extraction

fields

other

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector

Adoption of Infrastructure Monitoring at Splunk