GSA Search Result Logs - google-search-appliance

I am using GSA Appliance 7.2
We are planning to improve the search experience, and for that I want to analyze the search logs. In the search logs we are getting only the user IP and the search query link.
Other than this, I want to know which link the user clicked and on which page he got his search result, e.g. the 1st page or the second page.
Please help me to get detailed search logs.
Thank you

There is the possibility to generate search reports in GSA admin console under Reports > Search Reports. These reports are sort of a summary in which you can see the following details:
Number of search queries per day;
Number of search queries per hour;
Top keywords;
Top search queries;
Position of clicks;
Page of clicks;
Top clicked URLs;
Top IPs of clients which are used to perform search queries.
With Reports > Serving Logs, you can track clients per query and see which search results were returned by GSA, but you can't analyze their click behaviour and user journey through a website. For that you'll need to implement Google Analytics, Omniture or any other web analytics. For a GSA-GA integration, please consult this document.

Related

How to allow edit within/from Kibana

Scenario: I have an application where my Java application pushes user data from a database to Elasticsearch, which is accessed using Kibana dashboards. I also have a Content application which allows users to create/edit data which is saved in the database using my Java application.
Use case: When a user slices data in Kibana dashboards and reaches a point where he realizes there is an error in the data, he would want to make a change to the data point. E.g. a certain company is shown in a particular city in the dashboard, which seems to be incorrect data. The user would want to change the city to the correct one.
Problem case: I am not able to find a way to either allow the data to be edited within Kibana or have some kind of deeplink in Kibana which takes the user from Kibana to my Content application so that the data point can be edited by the user.
Currently the user can go to the Content application, search for the company, search for the addresses and make a change there; however, that's very cumbersome to do with millions of companies and millions of data points in the database.
Haven't found editing possibilities up to now ... but linking is possible:
When you head to "Kibana/Mgmt/Index Patterns" you can define fields to render as a clickable URL (e.g. to be used in the "Data Table" vis).
If you have a field containing e.g. some ID myid, you can have Kibana output a clickable link instead, pointing to e.g. https://mysite/?id=myid
See https://www.elastic.co/guide/en/kibana/current/field-formatters-string.html for details.
If you need more complex linking options (e.g. your effective link needs to incorporate multiple fields of a document) you can create a so-called scripted field; there you have access to multiple fields of an Elasticsearch document and can construct your link more or less freely.
We use that a lot to link from overview Kibana dashboards to other systems with detailed data on the respective item, see for example this Data Table:

Visualize website usage in kibana using elastic-stack

Goal: I want to create a dashboard which shows user requests made to my website. For this, I created a filter in my Java web app and started capturing user requests and storing them in an ES index. The document is in the form of:
{
  "user": "user1",
  "url": "domain.com/page1",
  "hitcount": 12
}
So, now I have an index which contains the information as to how many times a user requested which URLs.
Now, I want to create visualizations to show usage trends per user.
Question:
Which visualizations should be used for this use-case?
If I need to show the change in user trends over time, how should I save the data? E.g. is there a visualization where I could show that a user has stopped/reduced requesting a page and now accesses a different page more frequently?
Any direction will be helpful.
Note: I understand, this could be done with grafana + prometheus, but I wish to do this with elastic stack.
I'd recommend logging user requests to a log file and having Filebeat read and index them into ES. It is better to send non-aggregated data into ES and then let ES aggregate it to create the required visualizations.
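An added example (not part of the original answer) of why one document per request is preferable to a pre-aggregated `hitcount`: a date-bucketed aggregation over raw events can show a user moving from one page to another, which the counter document cannot. The field names `@timestamp`, `user` and `url`, the function names and the sample events are constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime

def _ev(ts, user, url):
    return {"@timestamp": ts, "user": user, "url": url}

# Constructed sample: one document per request (field names are assumptions).
RAW_EVENTS = (
    [_ev("2024-03-01T09:00:00", "user1", "domain.com/page1")] * 3
    + [_ev("2024-03-01T10:00:00", "user1", "domain.com/page2")]
    + [_ev("2024-03-02T09:00:00", "user1", "domain.com/page1")]
    + [_ev("2024-03-02T11:00:00", "user1", "domain.com/page2")] * 4
    + [_ev("2024-03-02T12:00:00", "user2", "domain.com/page1")] * 2
)

def trend_query(user):
    """Search body: daily buckets with top URLs per day (keyword fields assumed)."""
    return {
        "size": 0,
        "query": {"term": {"user": user}},
        "aggs": {"per_day": {
            "date_histogram": {"field": "@timestamp", "calendar_interval": "1d"},
            "aggs": {"top_urls": {"terms": {"field": "url", "size": 5}}},
        }},
    }

def daily_url_counts(events, user):
    """Local equivalent of trend_query: {day: Counter(url -> requests)}."""
    days = defaultdict(Counter)
    for e in events:
        if e["user"] == user:
            day = datetime.fromisoformat(e["@timestamp"]).date().isoformat()
            days[day][e["url"]] += 1
    return dict(sorted(days.items()))

def favourite_page_shifts(events, user):
    """Days on which the user's most-requested URL changed from the day before."""
    shifts, previous = [], None
    for day, counts in daily_url_counts(events, user).items():
        top = counts.most_common(1)[0][0]
        if previous is not None and top != previous:
            shifts.append((day, previous, top))
        previous = top
    return shifts

def hitcount_view(events):
    """Collapse to the question's {user, url, hitcount} shape; the time axis is gone."""
    totals = Counter((e["user"], e["url"]) for e in events)
    return [{"user": u, "url": p, "hitcount": n} for (u, p), n in sorted(totals.items())]
```

In Kibana the same shape is a date histogram on the timestamp split by a terms aggregation on the URL, filtered to one user.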

Visualization & Dashboard return no results found, while discover tab successfully displays results?

I have a problem with Kibana: Dashboard and visualizations don't show any results!
As you can see in this screenshot, in the discover tab I get some results! Which means data exists in my index "as-*". right? But I used a trick in order to display this data :
1) I changed the range to "Today" ==> it shows no result found !
2) I clicked "New" button ==> then I get my data displayed!
Is there another, "more proper" way to get data displayed?
Then in my dashboard (or visualization) I can't get any results!! Even if the range is the same as in the discover tab!
I restarted Kibana ==> no changes!
I deleted as-* then I created it => no changes!
I'm using Curator to create daily index and logstash to index the data into ES!
I'm stuck here! I'll be glad if you can help me figure it out!
Thank you very much!
I am fairly new to elasticsearch and Kibana, but here are three mistakes that I made in the past:
Are you using the correct index? Make sure that the index you have chosen for the logs that are displayed on the visualise page and for the actual visualisations is the same.
Correct time period: does the time period you have chosen contain the data you are looking for? Or did you happen to have zero logs during that time?
Correct filters and aggregations: when you were making the visualisations, did they show any results? Or were they empty from the beginning? Maybe one of your filters or aggregations is wrong and it's excluding the results you're expecting to see.
Not sure if this is any help, hope you've solved the problem by now :)
If you can see information in "discover", it means that Kibana has connected to the database, and that the database has information. You shouldn't have to click the "New" button to see information in the discover view. I believe the "New" button in the "discover" page is used to create a new search.
Maybe try zooming on the time period of the data on the "discover" page, or try checking the system logs to see if Logstash is successfully pushing information to Elasticsearch.
With Kibana, dashboards are made up of visualisations, and visualisations are made up of searches.
The "No results found" on the dashboard page, shown in your second page, is due to the visualisation having no results. I guess you imported visualisations into Kibana.
I hope that helps.

Kibana "Discover" tab search result shows correct result while the Dashboard is not

I am running into a weird issue. I have a lot of data in ES and Kibana displays it perfectly. I have a couple of visualizations which include a bar chart and a pie chart; the problem is that when I click on a bar of a particular object I get only a limited result, but when I search for the object on the "Discover" tab I can see all the results.
The dashboard basically consists of searches which were saved earlier, so why is this behaviour occurring?
Can someone help me with this or point me to why/how this is happening?
Visualizations are mostly aggregations under the hood and the latter are usually limited to the top 10 results.
On the other hand, the Discover tab shows the actual records/documents stored in ES, which is why you can see many more results, usually capped at 500 by default.
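An added example (not from the original answer) of the truncation described above: a `terms` aggregation returns only its top `size` buckets, 10 by default, and reports the documents it left out in `sum_other_doc_count`. The simulation, the function names and the sample documents are constructed; `buckets`, `doc_count` and `sum_other_doc_count` are the fields a terms aggregation response carries.

```python
from collections import Counter

def terms_agg(docs, field, size=10):
    """Simulate the shape of an Elasticsearch terms aggregation response."""
    counts = Counter(d[field] for d in docs if field in d)
    # Highest doc_count first, ties broken by key, then cut to `size` buckets.
    top = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))[:size]
    shown = sum(n for _, n in top)
    return {
        "buckets": [{"key": k, "doc_count": n} for k, n in top],
        "sum_other_doc_count": sum(counts.values()) - shown,
    }

def coverage(agg_response):
    """Fraction of matching documents that the returned buckets account for."""
    shown = sum(b["doc_count"] for b in agg_response["buckets"])
    total = shown + agg_response["sum_other_doc_count"]
    return shown / total if total else 1.0

def is_truncated(agg_response):
    """True when the chart built on this response hides some documents."""
    return agg_response["sum_other_doc_count"] > 0

# Constructed sample: 15 hosts; host-00 has 15 documents, host-14 has 1.
DOCS = [{"host": f"host-{i:02d}"} for i in range(15) for _ in range(15 - i)]
```

A non-zero `sum_other_doc_count` in the response behind a chart means the Discover tab will list documents the chart never drew; raising the aggregation's size closes the gap.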

ElasticSearch - Operational Insights , and Trends

Given an ElasticSearch installation, I want to know current trends and insights. I am not sure if Aggregators would help here.
What are the top queries for the last 24 hours?
Most frequently searched terms in the last 24 hours? etc.
Most accessed documents in the last 24 hours?
Is there any way to collect and get hold of these metrics from ElasticSearch?
A typical use case: as a user visits the homepage, I want to show the trending searches and top content.
One alternative if you do not want to load your existing ElasticSearch installation with additional metrics is to send this data to a log management solution on the cloud -- such as Loggly, Logentries, etc.
