I have a document which has an entity name and the date it appeared. Now i need to see different entitiy names and their start and end dates. How is this possible in Kibana 4 ?
Related
I created a calculated table based on start and end dates to check which manager is responsible for a product per date.
Result:
The financial department uses a four week period to report. So 13 periods per year.
(not usable in a date table?)
Product number 8098 gets a different manager on the 23rd of januari this year.
So at the start manager C5104 is responsible and at the end of period one (202301) C5107 is responsible.
To get one responsible manager per period I'd like to filter the table in such a fashion that I get the numbers from the last date in a period. After filtering I don't need the [date] field anymore.
I hope I'm just missing something basic like the 'ELLEXCEPT' But I'm lost...
DISTINCT gives:
One row too many. I'd like to lose the row: 8098, C5104, 202301.
To keep only rows showing the manager per product at the end of a period.
I have a date table:
I need to filter this by hours. last 4h 12h 24h etc.
Relative date only gives me days-weeks and so on.
Simplest work-around could be to create a binary FLAG in the back-end to identify record created in the last 4h.
Then, define a slicer in the front-end (visible or hidden) to visualize only those records relevant for you.
Got this working by creating 4 new custom columns with code:
DateTime.IsInPreviousNHours([LastTransactionDate],4)
Which gives me values if TRUE or FALSE and can filter by turning off FALSE values.
I have data as follows in ElasticSearch:
timestamp item_id item_status
January 24th 2018, 12:06:34.287 1 Processing
January 24th 2018, 12:10:14.310 1 Completed
January 25th 2018, 07:21:30.876 2 Cancelled
January 26th 2018, 09:11:55.775 3 Completed
I want to query this data such that I can get all items that have had both Processing and Completed as their status. In my case, my query result would just be:
item_id
1
timestamp is a timestamp field and item_id & item_status are string fields.
How can I do this with Kibana Visualization? I have been doing something similar to https://discuss.elastic.co/t/how-can-i-make-visualization-with-group-by/43569/2 and Run a simple sql group by query in kibana 4 but it did not really get me what I wanted.
Thanks in advance!
In a Kibana visualization, if you add a query string or a filter, and save the visualization, then the visualization will apply these on top of any other filters that you would use when using a dashboard.
If you plan to apply these filters to multiple visualizations, then you can first make a saved search in the Discover mode, and when making the visualization, create from the saved search (Visualize > New > From a saved search.
I need to build a marketing list with date condition like so:
Month("End Date") = "This month" + 4
Basically, find records with End Date in 4 month
For example, if I pull the list on 6/12/17 - I will get all records with end date in Oct: 10/1/17, 10/2/17, etc
The closest I found is "Next X Month" but it also includes records within 3 month.
As an alternative - I'm exploring a path of creating workflow to update the "query" value of the marketing list record. Unfortunately, it's not possible to add Query field to the default form... this is getting very complex for a simple requirement.
Any ideas would be appreciated!
In the marketing list manage members, use "Add using Advanced Find" option and add all records with "Next 4 Month". Then use "Remove using Advanced Find" option and remove all records with "Next 3 Months".
Basically we can have a batch job every night, which will calculate the desired date or month filter for each contact record. Then fetchxml query for dynamic Marketing list can target this field.
Similarly rollup field can also be tried in contact.
I have 2 indices in kibana 4:
1st index is basing time from events (Date Created)
2nd Index is basing time from events (Date Closed)
Both are date values and I want to create a query which will return the total amount of docs Date Created (Today) - total amount of docs Date Closed (Today)
If this is not possible is it possible if i have both fields in one index?
Yes you need to have both the date values within the same index so that you can do the subtraction using a scripted field in Kibana. You could simply have your script as such:
doc.['date_created'].value - doc.['date_closed'].value
----------------^----------------------------------------^ Make sure to give your exact field names
And then you could use this scripted field as a Date Historgram to show the total count of the docs within the retrieved date range.
Hope this helps!