Reputation: 174
Is there a Kibana visualization that allows math on aggregated data with term based buckets?
The solution seems so tantalizingly close, but I can't for the life of me find a solution in Kibana that solves these two constraints.
Summary
We'd like to find a visualization from the Kibana visualize library that:
- Allows math on aggregated data.
Elasticsearch examples that fit the bill are bucket scripts, scripted metrics, anything that preforms math after the data from each document has been aggregated. Kibana visualizations like Vega and Timelion allow this, but these time based visualizations don't fit how we need to bucket our data (see next item).
- Let's you group by term based buckets instead of time based buckets.
For our use-case we need more than one level of buckets. The TSVB visualization comes super close for us here since you can specify a term based bucket in the table view and allows bucket scripts, but you can't group by more than one term like you can in an Aggregation Based visualizations like Data Table with it's Split rows option.
If anyone has insight on maybe something we haven't thought of yet, that would be greatly appreciated!
We originally were looking for a table type view, but at this point really anything that satisfies the above two constraints would be marvelous. We can do this in Elasticsearch queries, but can't seem to find the solution in Kibana visualizations.
What We've Tried
We used this reference as a touch-point to get a birds eye view of Kibana's visualization offerings.
On the bottom of the page it shows three visualization tools that support math on aggregated data:
TSBV, Timelion, and Vega
Timelion and Vega don't offer non-time based buckets so we can't use them by #2 above.
TSBV doesn't allow multiple bucket aggregations as far as I've found.
A weighted average would actually preform the math we need, but I can't seem to find that type of aggregation on any of the other visualization offerings.
These things we've tried are a mix of experimenting directly with Kibana and reading documentation so there is a chance something has gone overlooked (for example the finding that Timelion and Vega only support time based buckets, maybe there is a hidden feature we haven't yet found). The problem seems dire to us, but posting in case anyone has more experience with these tools and could shed light.
We used managed ES on version 7.12.1
Upvotes: 1
Views: 1607
Answers (1)
Reputation: 563
Vega offers non-time based buckets.
Take a look at the Sankey Chart post on the Elastic blog for a detailed single example, and at the many, many Vega and Vega-Lite examples that are not time related. For better or worse, Vega has very few limitations compared to other Kibana visualizations.
Upvotes: 1
Related Questions
- Is it possible to run an elasticsearch aggregation query in Kibana?
- Can Kibana visualizations aggregate by a meta field such as _size?
- bucket Terms aggregation Elasticsearch
- Elasticsearch buckets on results of aggregation
- Kibana Vertical Bar Graph where in the X-axis I have buckets for the sum of values?
- How to use elasticsearch nested aggregations in kibana visualizations
- 'Group by' in Kibana charts
- Aggregation of aggregation in Kibana visualization
- Kibana 5.5 visualization data aggregation percentage
- Kibana: how to display values aggregation in a visualization?