In my ElasticSearch DB I have 2 fields:
Is a running number (1,2,3, etc)
Is a diferent number that depends on the first number (100, 50, 8, 4005 etc).
Now, I want to create a graph where the first number is on Y axis, and the second number is on the X axis.
How can it be done in Kibana?
Thank you.
You can create a linechart/vertical bar chart/etc and use a Histogram Aggregation on first field and appropriate term aggregation for second field (e.g. avg/sum)
Related
I am trying to create a Kibana TSVB visualization that displays an “events per second (EPS)” metric for the last created elasticsearch index of a particular index pattern. Currently I’m using a Count aggregator that pipes to the Math aggregator with the formula params.Count / (params._interval / 1000).
But this calculation is only accurate if the chart’s timerange is set to exactly the first and last timestamps in the index. Otherwise the empty data sets (both before and after the index’s timeframe) is being included in calculating the EPS. Currently I have to manually query the min/max timestamps of the index and then manually set the chart’s timeframe in the upper right corner to match that, only then it calculates the EPS correctly.
So my question… is there a way to automatically do this? Such as having the chart’s Start and End timerange as variables equal to the Min and Max timestamps of the particular index I’m looking at? Or have it ignore the out of bounds time range?
Thanks
We have a counter metric in one our micro services which pushes data to DataDog. I want to display the total count for given time frame, and also the count per day (X axis would have the date and Y axis would have count). How do we achive this?
I tried using sum by and diff with Query value representation. It gives the total number of the count for given time frame. But I would like to get a bar graph with the X axis as the date and the Y axis as the count. Is this possible in DataDog?
It seems like there are 2 main questions here:
display the total count for a given time frame.
the count per day.
I think the rollup method is going to be your friend for both questions.
For #1 you need to pass in the time frame you want a total over: sum:<metric_name>.rollup(sum, <time_frame>) and the single value can be displayed using the Query Value visualization.
For #2 the datadog docs say you can get metrics per a day by
graphed using a day-long rollup with .rollup(avg,86400)
So this would look something like sum:<metric_name>.rollup(sum, 86400) and can be displayed a Timeseries with bars.
I have a field in my Kibana index whose value varies from -100 to 100.
I want to classify data as follows
If value lies between -100 to -10 it is termed as highly negative.
If value lies between -10 to -2 it is termed as negative.
If value lies between -2 to 2 it is termed as neutral.
and so on.
And I also want the count of how much data is Highly negative, negative or neutral.
Can anyone suggest how can this be done in Kibana?
In your Visualize tab, you can use the range aggregation and define all ranges of interest like this:
I'm facing a following problem. In Kibana 4 I've created a line chart based on my input from elasticeasrch but I can only display average, min, max instead of an actual value of the field per time, e.g. sent bytes.
Most answears to that question on stackoverflow are about Kibana 3 (How to create value over time chart with Kibana 3?) and seem to include a Histogram on a X axis, yet I can't seem to find one which will enable me to apply them to Kibana 4. I was unable to find the histogram panel and once I click on the discover tab there is the constant Searching loading.
If I have the following fields in my _source:
{"timestamp":"2015-06-02T10:16:44.0855","time":587,"threadName":"Thread Group 1-957","byte":1372,"status":"false","latence":306,"registerCall":"404"}
and I would like to have the number of bytes on the Y-axis and on the X-axis my timestamp.
Any help in the right direction will be appreciated :)
To create a value over time line chart in Kibana, follow these steps:
Go to visualize tab and select line chart
In the X-axis, select X-axis, Aggregation as Date Histogram and then select your timestamp field as the date field.
Next for the Y-Axis, select Sum as the aggregation and then bytes as the field.
For the X axis, what Alcanzar said is good, but as you notice, the Y axis is problematic.
Sum (suggested by "Limit") works, but since it's aggregated, it shows the total used in each aggregated bucket, but that may be meaningless depending on what you are trying to show. Your question isn't clear on what you want, so I'm just guessing here. One hour of requests, each of which ran for one minute and sent 1 megabyte is indeed 60 megabytes-minutes, if you are trying to show total capacity used over than hour (maybe you are paying a bill based on usage per time). On the other hand, if you are trying to show peak usage in each time, it would be wrong.
You said you already looked and Max and Min and they don't meet your needs. I don't suppose Standard Deviation would be any better?
I have the same concern. The best I've been able to do so far is
display Min and Max simultaneously in the Y axis. When they diverge, I know I'm zoomed out too far, so I zoom in until they align.
This is how I know I'm seeing individual events.
In any case, I share your frustration. I too would like to be able to show time series as easily as I can in, say, Excel.
I want to score my documents based on on how close a number is to a query. Given I have two documents document1.field = 1 and document2.field = 10, a query field = 3 then I want document1._score > document2._score. Or in other words I want something like a fuzzy query against number. How would I achieve this? The use case is I want to support price queries (exact or range), but want to rank stuff that isn't exactly in the boundaries.
You are looking for Decay functions:
Decay functions score a document with a function that decays depending on the distance of a numeric field value of the document from a user given origin. This is similar to a range query, but with smooth edges instead of boxes.
It can be implemented using custom_score query where script will determine boost depending on absolute value of the difference between exact price and desired price. The desired price should be passed to the script as a parameter to avoid script recompilation for every request.
Alternatively, it can be implemented using custom_filters_score query. Filters here will contain different ranges around desired price. Smaller ranges will have higher boost and appear higher in the list than larger ranges.