ELK stack - Lucene issue with query - elasticsearch

I am trying to have this data in Kibana and Grafana.
I have got this query:
type:one AND ManagedBy:two AND (table:three OR table:four) AND NOT status:five
I use the same option, unique count, in Kibana and also in Grafana.
Results:
Kibana: 5140
Grafana: 2611
Why? I have set the same timeframe ("Today") in both.
I see that in Grafana I have results only from "table:three". So something must be wrong with this query.
Any ideas?
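To see what the query string from the question should match, independent of either tool, here is an added example (not from the original post, Grafana or Elasticsearch): a small parser that evaluates explicit Lucene-style operators with the precedence NOT > AND > OR, parentheses grouping and exact term matching, then computes a "unique count" over a field. The documents and the `id` field are constructed for the demonstration; the grouped query must count both `table:three` and `table:four` documents, while a query reduced to `table:three` alone gives the smaller number the question reports.

```python
import re
# Tokens: field:value term, parentheses, or an explicit operator; parser is recursive descent.
TOKEN_RE = re.compile(r"[A-Za-z_][\w.]*:[^\s()]+|[()]|AND|OR|NOT")

def parse(query):
    toks = TOKEN_RE.findall(query)
    def peek(): return toks[0] if toks else None
    def or_expr():
        node = and_expr()
        while peek() == "OR":
            toks.pop(0); node = ("or", node, and_expr())
        return node
    def and_expr():
        node = not_expr()
        while peek() == "AND":
            toks.pop(0); node = ("and", node, not_expr())
        return node
    def not_expr():
        if peek() == "NOT":
            toks.pop(0); return ("not", not_expr())
        return atom()
    def atom():
        tok = toks.pop(0)
        if tok == "(":
            node = or_expr()
            if toks.pop(0) != ")": raise ValueError("missing closing parenthesis")
            return node
        return ("term", *tok.split(":", 1))   # exact value match, no analysis
    tree = or_expr()
    if toks: raise ValueError(f"unexpected trailing tokens: {toks}")
    return tree
def matches(node, doc):
    kind = node[0]
    if kind == "term": return str(doc.get(node[1])) == node[2]
    if kind == "not": return not matches(node[1], doc)
    left, right = matches(node[1], doc), matches(node[2], doc)
    return (left and right) if kind == "and" else (left or right)

def unique_count(query, docs, field):
    # "unique count" in Kibana/Grafana = cardinality of `field` over matching docs
    tree = parse(query)
    return len({d[field] for d in docs if field in d and matches(tree, d)})

QUERY = "type:one AND ManagedBy:two AND (table:three OR table:four) AND NOT status:five"
DOCS = [  # constructed sample documents, not data from the question
    {"id": "a", "type": "one", "ManagedBy": "two", "table": "three", "status": "ok"},
    {"id": "b", "type": "one", "ManagedBy": "two", "table": "four", "status": "ok"},
    {"id": "c", "type": "one", "ManagedBy": "two", "table": "four", "status": "five"},
    {"id": "d", "type": "one", "ManagedBy": "nine", "table": "four", "status": "ok"},
    {"id": "a", "type": "one", "ManagedBy": "two", "table": "three", "status": "ok"},
]
```

Removing the parentheses changes the count because `AND` then binds tighter than `OR`, which is the kind of discrepancy to rule out first when two tools disagree on the same query string.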

Related

Grafana 8.2.0 Elasticsearch histogram works inconsistently with Kibana result

Grafana version: 8.2.0. Server started with Docker.
I want to achieve x-axis: point value in intervals of 500, y-axis: unique count of device id.
Implemented with Kibana like this.
Using the same method in Grafana, I got this. The aggregation result is incorrect.
Raw data format:
So how can I implement the Kibana visualization in Grafana?

Elasticsearch query in stack alerts does not exist

I want to monitor a list of keywords in a certain index and write these events to a new index.
After a little searching, I found the way to do that using Elasticsearch query in stack alerts, but I can't find it.
I found only the index threshold under Elasticsearch query.
So how do I enable Elasticsearch query?
Kibana version 7.11.2
Kibana version 7.11.2 doesn't support Elasticsearch query in stack alerts; we have to upgrade Kibana to version 7.16.

Grafana and Elasticsearch: How to perform a simple query

Using Grafana 7.2 and Elasticsearch 7.5.1.
I am storing in Elasticsearch a structure that, among other things, indexes an executionTime field in milliseconds:
Using Grafana, how do I filter by that field? So I can get only values with executionTime < 150, for example.
Something like this is not working:
Something like this is not working either:
Any idea?
Found!
As stated in the official Grafana documentation, Lucene queries can be used in the query field.

Is it possible to write an aggregation query in Dev Tools of Kibana and then store the result?

I have a field loaded in Elasticsearch that has information in it like:
message: Requesting 30 containers
message: Requesting 40 containers
.
.
.
message: Requesting 50 containers
I want to get a total of all containers used in the job. (30+40+50=120, in this case).
Is it more efficient to extract these values into a field in Logstash and then use aggregation queries in Elasticsearch, or, given the message above, is everything possible in Elasticsearch?
Also, if I write an aggregation query in Dev Tools of Kibana, is it possible to store the result to be used for visualization?
It is better, and is the solution, to extract the number in Logstash and then use it in aggregations.
No, you can't use a string in a sum aggregation. Everything is never possible.
You don't need to write an aggregation query in Dev Tools if you are using Kibana; in Kibana you can do aggregations without writing queries.

How to pull all the records from elasticsearch using Grafana

When I am trying to pull the raw documents into a table from Elasticsearch using Grafana, it does not show me all the documents which are available in the Elasticsearch index. No matter how many docs are in my Elasticsearch index, it shows <=1000 docs only.
I guess when Grafana is firing the query for getting the docs, it is fixing the document size to 1000 in the query, and not using scan and scroll.
Is there some way to increase the number of documents which are retrieved from Elasticsearch?
Can I write a Lucene query in the query box and get all the records? If yes, what kind of query do I need to specify in the Grafana Lucene query box? Any example?
Why do you want to scroll through more than 1000 docs? Is there not a filter / query you can specify to limit the list so you can find the one you want?