I'm using elastic kibana Visualization and I have a field in the data that has a string value,
in my visualize I wanna use the range aggregation in order to make different group range of that field, however since the field is String value it does not show in Range aggregation field option.
what work around can be done to solve this issue? or maybe a way to use the data from another kibana chart in the Range aggregation Field option
Related
I have a doc in Elasticsearch with different fieldnames, eg: a,b,c,d...
I want to use templating in Grafana to query a term aggregation in such way that I get the values in a field. eg: i.
I'm trying to use this query:
{"find":"terms","field":"i","size":25}
but it does not return any values.
I know that there are some values as I query the same docs with Sense.
I have Grafana v 4.6.2 and Elasticsearch v 2.3.4
The field I wanted has a "-" in the string. ES sees it as a separator, this was the reason of the error.
Changing the field's mapping to "not analyzed" should help.
I want to filter the elastic search aggregation results in Kibana (v6.2). For example, I want to show only sum of hours those that are more than 100 (like HAVING command in SQL). I know that we can filter the results in filter section over other fields, but I don't know how to apply the filter on aggregation functions. I tried to use post_filter in filter section in Kibana, but it didn't work.
Any ideas?
You can augment aggregation query within advanced field
It will be added to request as shown on picture
Another question is what to put into this field. You can check script values for sum aggregation
I am writing a data frame to elasticsearch using pyspark. I am able to get the fields in Kibana. The problem here is in kibana whenever i refer a string column that has space between the content, the string is displayed as two different fields in the graph. After some analysis i found that the field has to be set as "not analyzed" in ES so that the split will not happen.
dfcols = sqlContext.createDataFrame(cols)
dfcols.write.format("org.elasticsearch.spark.sql")\
.option("es.resource","index_name/sample")\
.option("es.nodes","http://server.qa.com")\
.option("es.port","9200")\
.save(mode="append")
This is how i am writing my dataframe to elasticsearch. How to specify the analyzed or not analyzed property of a field here?
Is it possible to retrieve Stats Aggregation with custom field value of max/min document?
Eg. imagine example from ElasticSearch Stats Aggregation documentation is there possible to retrieve for example name of student with max/min value of grade? (we assume that beside grade there is student name in document).
Is it even possible? What if ElasticSearch gives us multiple documents with max/min value?
No - it's not possible to get a max value and the rest of the document in a single query.
You would need to do two queries - the first to get the max value, the second to return documents that have a matching value.
I wanted to group documents based on Name and Lat, Lang in Elastic Search.I explored the aggregations API but it gives only a count for a specific criteria not the actual documents.Is there a way in which we can do this in Elastic Search
you could use nested aggregations - something like aggregate by name, _id. And use second query to get document by ids.