Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
3.0.0
Describe the issue:
Context :
I am looking to separate anomaly detection results by more than two categorical variables (the max allowed amount in OpenSearch). The only way that I can think of to achieve this is to create separate detectors for each of the entries in my the third categorical variable, and filter the data accordingly. However, I am not looking to create many detectors in this manner. I saw that I can update the data filter through the API, and then start a new job to get these same results, but I do not want to keep updating the detector to achieve this.
Question :
Can I dynamically pass a data filter into a detector, so that I can achieve my desired results without having to update the detector every time? Is there any other way I can get anomaly detection results split by more than two categorical variables?
Configuration:
Relevant Logs or Screenshots: