Jacob Barnes

Reputation: 1560

Kibana Visualization Separating X-Axis Values I Want Grouped

I have data being written to Elasticsearch that I wanted to visualize in Kibana, but I'm having problems with the visualization.

I have a process writing when it starts {ProcessStartTime} and when it stops {ProcessStopTime}.

I'm trying to create what I thought was a simple visualization:

A vertical bar chart with Count as the Y-Axis and {ProcessStartTime} and {ProcessStopTime} as bars on the X-Axis.

The problem is, instead of a count of 480 for the {ProcessStartTime} as one vertical bar and a count of 389 for {ProcessStopTime} as another vertical bar, it separates out all unique {ProcessStartTime} entries, so I have a count of 1 with a thousand vertical bars. Moreover, it appears I cannot add more than one term, just subcategories, so {ProcessStopTime} isn't on the bar chart at all. So I decided to try the Filter aggregation, which allowed me to get a count of all entries with "ProcessStartTime" in the body. However, I cannot add "ProcessStopTime" as another filter as those don't coexist.

My current solution is to have two charts, using the Filter aggregation, then compare the charts side-by-side to compare the counts. For obvious reasons, I'd like those combined, but I just don't see how to have two X-Axis buckets, or to group the data as it needs to be.

Am I missing something obvious?

Upvotes: 0

Views: 1889

Answers (1)

MrSimple

Reputation: 599

I might get wrong what you are trying to do and I can't comment on your question to ask for details, but here are a few things that you can do:

Get all entries regardless of their content (empty search query). Keep the Y-axis metrics for Aggregation-Count. After that you can set a bucket for the X-axis with Filters aggregation, and use 2 filters.
Filter 1: ProcessStartTime: *
Filter 2: ProcessStopTime: *
This setup should give you 2 bars with the count of records that have the given attributes.

The other option is to make a new attribute, for example 'event', and give this attribute the values 'ProcessStartTime' and 'ProcessStopTime', and make a Terms aggregation bucket setup on event.keyword.

I hope this helps.

Upvotes: 1
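Added example, not part of the original answer: the two options above written as Elasticsearch search request bodies and checked against constructed sample documents. It uses `exists` queries as the query DSL counterpart of the `ProcessStartTime: *` filters; the aggregation name `events`, the sample documents and the local counting helpers are assumptions made for illustration.

```python
import json
from collections import Counter

# Constructed sample documents; each carries at most one of the two fields.
DOCS = [
    {"ProcessStartTime": "2019-03-01T10:00:00Z"},
    {"ProcessStopTime": "2019-03-01T10:05:00Z"},
    {"ProcessStartTime": "2019-03-01T11:00:00Z"},
    {"ProcessStartTime": "2019-03-01T12:00:00Z"},
    {"ProcessStopTime": "2019-03-01T12:30:00Z"},
    {"host": "web-1"},  # neither field: belongs in no bar
]
FIELDS = ("ProcessStartTime", "ProcessStopTime")

def filters_agg_body():
    """Option 1: a filters aggregation with one named bucket per field."""
    buckets = {f: {"exists": {"field": f}} for f in FIELDS}
    return {"size": 0, "aggs": {"events": {"filters": {"filters": buckets}}}}

def count_filters(docs, body):
    """Local stand-in for Elasticsearch: apply each exists filter to docs."""
    buckets = body["aggs"]["events"]["filters"]["filters"]
    return {name: sum(d.get(q["exists"]["field"]) is not None for d in docs)
            for name, q in buckets.items()}

def add_event_field(doc):
    """Option 2, write side: tag the doc with which timestamp it carries."""
    for f in FIELDS:
        if doc.get(f) is not None:
            return {**doc, "event": f}
    return dict(doc)  # untagged docs fall outside the terms buckets

def terms_agg_body():
    """Option 2, read side: a terms aggregation on the new keyword field."""
    return {"size": 0, "aggs": {"events": {"terms": {"field": "event.keyword"}}}}

def count_terms(docs, body):
    """Local stand-in: bucket docs by the value of the aggregated field."""
    field = body["aggs"]["events"]["terms"]["field"].split(".")[0]
    return dict(Counter(d[field] for d in docs if field in d))

if __name__ == "__main__":
    print(json.dumps(filters_agg_body(), indent=2))
    print(count_filters(DOCS, filters_agg_body()))
    print(json.dumps(terms_agg_body(), indent=2))
    print(count_terms([add_event_field(d) for d in DOCS], terms_agg_body()))
```

Both request bodies produce one bucket per event type; the document that has neither field is counted in neither.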
