kibana, kibana-4, elastic-stack

How to make stacked histograms on kibana?


I have logs with different log levels and I want to design a date histogram like the one at the bottom of the picture:

At a particular date it should show, say, WARN logs in red and INFO logs above that in blue. Also, I don't have the log level indexed. But I do have INFO and WARN as saved searches.


Solution

  • As per my understanding you have a field wherein you can search for INFO & WARN and based on these searches, you want to build a stacked histogram as shown above.

    The solution for the same is:

    1. Click on the Visualize tab and select Vertical Bar Chart as the visualization type.
    2. Select From a New Search as the search source.
    3. Then design your visualization by selecting X-Axis as the bucket type and Date Histogram as the aggregation, with the required field such as @timestamp.
    4. Then add sub-buckets as Split Bars and select Filters as the sub-aggregation.
    5. Enter the filter values as per your search queries. For example: log:INFO (in filter 1) and log:WARN (in filter 2).

    You will get the resulting stacked histogram. You can also choose the color as required by clicking on the log:INFO label (towards the right of the histogram) and picking your required color.
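
The steps in the answer correspond to an Elasticsearch search body with a date histogram and a filters sub-aggregation. The following is an added example, not code from the original post: it builds that body and mimics the resulting stacked buckets on constructed events. The aggregation names (`over_time`, `by_level`), the one-hour interval, and the sample events are assumptions; the `log` field and the two filter queries come from the answer.

```python
import json
from collections import Counter
from datetime import datetime

# Filter label -> query string, as in step 5 of the answer.
FILTERS = {"log:INFO": "log:INFO", "log:WARN": "log:WARN"}

def build_request(time_field="@timestamp", interval="1h", filters=FILTERS):
    """Search body: date histogram (X-Axis) with a filters sub-aggregation (Split Bars)."""
    by_level = {"filters": {"filters": {
        label: {"query_string": {"query": query}} for label, query in filters.items()
    }}}
    return {
        "size": 0,  # only the aggregation buckets are needed, not the hits
        "aggs": {"over_time": {
            # Older Elasticsearch releases name this key "interval".
            "date_histogram": {"field": time_field, "fixed_interval": interval},
            "aggs": {"by_level": by_level},
        }},
    }

def stack_locally(events, filters=FILTERS):
    """Mimic the bucket shape on local events: {hour: {filter label: count}}."""
    buckets = {}
    for ev in events:
        ts = datetime.fromisoformat(ev["@timestamp"])
        hour = ts.replace(minute=0, second=0, microsecond=0).isoformat()
        counts = buckets.setdefault(hour, Counter({label: 0 for label in filters}))
        for label, query in filters.items():
            field, _, term = query.partition(":")
            # Simplification: a whole-token match stands in for query_string analysis.
            if term in str(ev.get(field, "")).split():
                counts[label] += 1
    return {hour: dict(c) for hour, c in sorted(buckets.items())}

# Constructed sample events for illustration only.
SAMPLE = [
    {"@timestamp": "2016-01-01T10:05:00", "log": "INFO service started"},
    {"@timestamp": "2016-01-01T10:40:00", "log": "WARN disk usage at 91%"},
    {"@timestamp": "2016-01-01T10:55:00", "log": "INFO request served"},
    {"@timestamp": "2016-01-01T11:10:00", "log": "WARN login retry limit reached"},
]

if __name__ == "__main__":
    print(json.dumps(build_request(), indent=2))
    print(stack_locally(SAMPLE))
```

Each inner dictionary is one bar of the chart, and each filter label is one colored segment stacked within it.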