I've been struggling around with some visualization in Kibana.
For this example I will be using data from kibana samples (kibana_sample_data_ecommerce).
So want I would like to do is a visualization that shows: how many customers did 1 order, how many customers did 2 orders, how many customers did 3 orders, and so on.
An example of visualization would be this:
Using a table visualization and aggregating for Terms in descending order I can get something like this:
On the left of the table we have the customer's name and on the right the count of orders the customer did.
I don't know what kind of aggregation should I use now so I can group the customers with same values into a new label. Something like, from this
to this
Btw I'm using kibana 7.2
Any suggestions and ideas are welcome.
Thank you!
Edit:
I want to be able to group customers with same results (nÂș of orders) under a new bucket (and if is possible with a custom label).
Go for Terms aggregation on order field while setting the Metric Aggregation as count.
Hope that answers your question.
Related
I've created a dashboard that has various histograms, aggregations, etc.
Now, I want to export all the items that fed into those. So if 1793 items made it through the filters to end up as the dataset powering that dashboard, I want to export a document containing those 1793 items. The item count is one of the dashboard visulizations, so I know how many items it'd export.
Is there a way to do that export? Or to at least find out the ElasticSearch query that Kibana used that found the underlying items?
The use case here is a non-technical person (but a domain expert in the data) knows enough to add filters on the Kibana dashboard and they eventually get a filter they're happy with and then want to get a dump of those data items.
This is regarding to order the elastic search results in custom order.
I have city ids(integers) in my elastic search index, based on the user city selection the elastic search should happen.
For example:
Consider the id of Chennai is 1 & Mumbai is 2
If we have 10 records for Chennai and 20 records for Mumbai in elastic index. If the user choose Chennai, we should display the 10 records belongs to Chennai in top order and then display the remaining items.
If the user choose Mumbai, we should display the 20 records belongs to Mumbai in top order and then display the remaining items.
I am using sleimanx2/plastic laravel package for search. Appreciate if anyone help me to achieve this.
Is there any specific reason that you wish to achieve this with elastic?
The mentioned case seems to me like something i would achieve with two queries. One for the promoted, let's call them results, and one that would match everything else, except those that belong to the first query.
Then I would go ahead and display them to their respective areas or whatever.
There might be a way to merge those queries together and get your results as buckets that you can later use to create your markup accordingly, but honestly I am not sure that there is a reason to do it like this.
I hope I do not misunderstand your question,
Best Regards.
I have simple data analytics to display in AWS QuickSight: some date fields and amounts. QS aggregates by default all date-fields and the lowest granularity is aggregate by minute. But my need is to display all data without any aggregation at all. I have searched but not found how it could be possible disable aggregation at all? Any ideas?
First contribution to Stack Overflow, feels good man.
I ran into the same problem and the solution is to convert the field selected for the y-axis to a dimension rather than a measure.
Converting fields from measure to dimension
Aggregations will automatically be applied to 'measure' fields and therefore they need to be converted to 'dimension'
I'm looking for a way how to compute the bounce rate of webpages with elastic search.
We collect data in the following simplified structure
{"id":"1", "timestamp"="2017-01-25:15:23", "sessionid"="s1", "page"="index"}
{"id":"2", "timestamp"="2017-01-25:15:24", "sessionid"="s1", "page"="checkout"}
{"id":"3", "timestamp"="2017-01-25:15:25", "sessionid"="s1", "page"="confirm"}
{"id":"4", "timestamp"="2017-01-25:15:26", "sessionid"="s2", "page"="index"}
{"id":"5", "timestamp"="2017-01-25:15:27", "sessionid"="s2", "page"="checkout"}
{"id":"6", "timestamp"="2017-01-25:15:26", "sessionid"="s3", "page"="product_a"}
{"id":"7", "timestamp"="2017-01-25:15:28", "sessionid"="s3", "page"="checkout"}
For this sample the result of the analysis should be:
2/3 of the users get lost at the checkout page.
1/3 of the users get lost at the confirm page
More formally, I'm looking for a generic approach how to implement the following algorithm in an elastic query:
group documents by a field
sort each group (bucket) by a second field and reduce to the topmost document
group all these remaining documents by a third field
sort groups by number of documents
My first attempt was to solve this with a terms aggregation followed by a top_hits aggregation and finally use a
terms_pipeline aggregation to group the pages.
(simplified aggregation structure)
aggs
terms
field: sessionid
aggs
top_hits
sort:timestamp desc
size: 1
terms_pipeline
bucket_path: terms>top_hits
field: page
... but unfortunately there is no such thing like a terms_pipeline aggregation. My bad.
Any ideas for an alternative approach?
Maybe I misunderstood something but if you are willing to know where your users are bouncing, since all pages are in a sequence, you could simply have a terms aggregation on the page field (to know which pages were visited) and a cardinalityone on the sessionid field (to know how many different unique sessions you have). In this case, cardinality(sessionid) would yield 3.
Then again, since all pages are in a sequence, I think you don't really need to know what happened within a given session.
In your example, from the terms(page) aggregation, you'd know that 3 users landed on the checkout page but only one went to the confirm one. Using the cardinality of the sessions, this implicitly means that 2 users (3 total sessions - 1 confirm page hit) bounced on the checkout page.
I need to facet inside n documents which are selected like
... ORDER BY something DESC LIMIT 100
Is that possible with Solr? How?
this is a total hack, but here goes...
do your initial query, and get your results back.
construct a new query, like so:
http://localhost:8080/solr/select/?q=id%3A123+OR+id%3A456...(keep OR-ing them up)...&facet=true&facet.field=something
where you concatenate all of your ids to a new query using OR. then, when you facet on your field, the facet summary will only apply to the results.
AFAIK no, that's not supported / implemented. Facets aren't really meant to be "stats" but a guidance to the end-user. Picture yourself browsing a faceted interface and seeing facets change whenever you change sort order or paging. Faceted browsing would be useless if it worked like that.
I think this would be a nice feature for the StatsComponent though.
I think this is possible with results grouping (now in trunk!):
http://wiki.apache.org/solr/FieldCollapsing
... the only problem is that you can set only one 'facet.field' (i.e. group.field)
But the great thing is that you get scored facets!