I am after a way to drill down multiple visuals at the same time. They all contain the same drill down structure (Department, User, ID). The closest I found is using a filter action which brings focus across multiple visuals.
Related
I am working on Global Search feature for the Product suite. We have 4 different products, Product A,B,C and D. Each products have their own user rules and those rules defined accessibility to results for the global search.
I want some recommendation what would be the best option for me in terms of technology which is more suitable for this kinds of design problems?
I did some research on elastic-search - but i am stuck on the part
how i can apply security rules from all the diff products to filter
the search result
Any pointers will be really helpful
I have looked into Solr , graph-ql and elastic-search. But that did not answer how can i manage security rules which will be diff for all the products. Not sure how can i consolidate all of them and how can i filter the query results.
I am definitely going to leverage No-SQL as SQL is not right solution for this kinds of problem. However, roles/security is my concern
As a user i should be able to do global search across all the products based on keywords. The results should show data based on user and its security roles and information will be retrieved from all the products based on user role
Just a heads up - i am not allowed to use any cloud technologies like azure, aws etc.
If you know which product the search will be happening then you can have a separate collection of each product. You can index index the attributes/metadata of product along with the user access rules.
If you are not getting the information that which product will be searched upon then you can try to index the product data along with the user access rules.
Here you can use index all the data in single collection and use the sharding and replication feature of solr cloud so the data is distributed and would help you to achieve scalability along with high availability.
Scenario: I have an application where my java application pushes user data from database to Elastic search which is accessed using Kibana dashboards. I also have a Content application which allow users to create/edit data which is saved in database using my java application.
Use case: When user slices data in Kibana dashboards and reaches a point where he realize an error in data, he would want to make change to the data point. E.g. certain company is shown in a particular city in the dashboard which seems to be an incorrect data. User would want to change the city to the correct one.
Problem case: I am not able find a way to either allow the data to be edited within Kibana or have some kind of deeplink in Kibana which takes user from Kibana to my Content application so that the data point can be edited by user.
Currently the user can go to the Content application, search for the company, search for the addresses and make a change there, however thats very cumbersome to do with millions of companies and millions of data points in database.
Haven't found editing possibilities up to now ... but linking is possible:
when you head to "Kibana/Mgmt/Index Patterns" you can define fields to render as a clickable URL (e.g. to be used in the "Data Table" vis).
If you have a field containing e.g. some ID myid you can have kibana output a clickable link instead pointing to e.g. https://mysite/?id=myid
See https://www.elastic.co/guide/en/kibana/current/field-formatters-string.html for details.
If you need more complex linking options (e.g. your effective link needs to incorporate multiple fields of a document) you can create a so called scripted field, there you have access to multiple fields of an elasticsearch document and can construct your link more or less freely).
We use that a lot to link from overview kibana dashboards to other systems with detailed data on the respective item, see for example this Data Table:
I am new for developing the ELK. So, I have an idea to do with the Elasticsearch data with some dashboard design using Kibana. I have tried we are able to create dashboards like pie, graph etc. However, they are all based on the count and average related. So, I want data like table with whole data. But, a way of the form the query based on that it will generate table. I would like to know whether it is possible in Kibana?
Wondering if there is a way to get list of the messages related to a Kibana visualization. I understand if I apply the same filter on the "Discover", which is on "Visualization", I can filter the related messages. But I want to have more direct user experience like an user clicks on a region of a graph and can get the related messages which formed that region. Is there any way to do it?
This helped me:
https://discuss.elastic.co/t/can-i-get-the-related-messages-from-a-kibana-visualization/101692/2
It says:
Not directly, unfortunately. You can click on the visualization to create a filter, and you can pin that filter and take it to discover, which will do what you're asking, but isn't very obvious.
The reason is that visualizations are built using aggregate data, so they don't know what the underlying documents are, they only know the aggregate representation of the information. For example, if you have a bunch of traffic data, and you are looking at bytes over time, the records get bucketed by time and the aggregate of the bytes in that bucket are shown (average, sum, etc.).
In contrast, Discover only works with the raw documents, showing you exactly what you have stored in Elasticsearch. Both documents and aggregations can use filters and queries, which is why you can create a filter in one and use it in the other, but the underlying data is not the same.
I'm wondering if having thousands of different indexes is a bad idea?
I'm adding a search page to my web app based on ElasticSearch. The search page lets users search for other users on the site by filtering on a number of different indexed criteria (name, location, gender etc). This is fairly straight forward and will require just one index that contains a document every user of the site.
However, I want to also create a page where users can see a list of all of the other users they follow. I want this page to have the same filtering options that are available on the search page. I'm wondering if a good way to go about this would be to create a separate index for each user containing documents for each user they follow?
While you can certainly create thousands of indices in elasticsearch, I don't really see the need for it in your use case. I think you can use one index. Simply create an additional child type followers for the main user record. Every time user A follows user B, create a child record of B with the following content: {"followed_by" : "A"}. To get the list of users that current user is following, you can simply add Has Child Filter to you query.
I would like to add to Igor's answer that creating thousand of indexes on a tiny cluster (one or two nodes) can cause some drawbacks.
Each shard of an index is a full Lucene instance. That said, you will have many opened files (probably too many opened files) if you have a single node (or a small cluster - in term of nodes).
That's one of the major reasons why I would not define too many indices...
See also File descriptors on installation guide