堆栈内存溢出
  简体   繁体   English

Kibana中的垂直条形图

[英]Vertical bar chart in Kibana

 原文  2016-06-16 17:14:50       elasticsearch/ logstash/ kibana/ kibana-4/ elastic-stack

问题描述

I have set up ELK stack and following type of JSON is getting stored in elasticsearch(following JSON is copied from Kibana UI). 我已经设置了ELK堆栈,并且以下类型的JSON被存储在elasticsearch中(以下JSON是从Kibana UI复制的)。

Now I want to display Vertical bar chart which will have Top 5 "hostname" when "action" is equal to "passthrough" 现在我想显示垂直条形图,当“操作”等于“通过”时,它将具有前5个“主机名” 

{
    "_index": "logstash-2016.06.16",
    "_type": "utm",
    "_id": "AVVaFcaB7mNsx5uOb1-_",
    "_score": null,
    "_source": {
        "message": "<190>date=2016-06-16 time=22:10:26  hostname=\"googleads.g.doubleclick.net\" profile=\"Software_Dept\" action=passthrough",
        "@version": "1",
        "@timestamp": "2016-06-16T16:40:24.284Z",
        "hostname": "googleads.g.doubleclick.net",
        "profile": "Software_Dept",
        "action": "passthrough"
    },
    "fields": {
        "@timestamp": [
            1466095224284
        ]
    },
    "sort": [
        1466095224284
    ]
}

I am stuck here, able to show top 5 hostname but they are not filtered by "action" is equal to "passthrough". 我被困在这里,能够显示前5个主机名,但是它们没有被“操作”过滤,等于“通过”。

在此处输入图片说明

2 个解决方案

解决方案1
 1  2016-06-17 09:04:22

There are couple of solutions for it as you need to add a filter to your records of action=passthrough. 有几种解决方案,因为您需要在action = passthrough记录中添加过滤器。

  1. Go to Discover Page and enter in the search query :- 转到“发现页面”并输入搜索查询:-

action:passthrough 动作:直通

  1. In Discover page you can select the filter from the field list panel, wherein you can click on the field name ie action and select the positive magnifier (button) corresponding to the passthrough name. 在“发现”页面中,您可以从字段列表面板中选择过滤器,在其中可以单击字段名称(即动作),然后选择与传递名称相对应的正放大镜(按钮)。

  2. You can also create a filter by observing a record in Discover page and click on the positive magnifier button corresponding to the field and value name. 您还可以通过观察“发现”页面中的记录来创建过滤器,然后单击与字段和值名称相对应的正放大镜按钮。

You can even pin the filter which will persist across various tabs of Kibana ie if you create a filter in Discover page, evern if you open Visualize or Dashboard page the filter will be added. 您甚至可以固定将保留在Kibana各个选项卡上的过滤器,即,如果在“发现”页面中创建过滤器,那么如果打开“可视化”或“仪表板”页面,则将添加过滤器。

  1. Directly within your visualization, you can add Filters aggregation or sub-aggregation specifying action:passthrough. 直接在您的可视化文件中,您可以添加Filters聚合或子聚合以指定action:passthrough。

解决方案2
 1 已采纳  2016-06-17 13:47:54

Go to the Discovery page and enter the search query : action:passthrough 转到“发现”页面,然后输入搜索查询: action:passthrough

Once you've entered your query in the discovery page, save your current search: 在发现页面中输入查询后,请保存当前搜索:
Kibana documentation Kibana文档

Then when creating the visualisation, after selecting the visualisation type, you use "From a saved search" to select the search you've created. 然后,在创建可视化时,在选择可视化类型之后,可以使用“来自保存的搜索”来选择创建的搜索。
In that case only the documents from the search will be on the graph. 在这种情况下,只有来自搜索的文档才会显示在图形上。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Kibana 5.4.0-垂直条数据可视化问题 - Kibana 5.4.0 - Vertical Bar Data Visualization Issue Kibana,在条形图中对相同字段的值进行分组 - Kibana, grouping values of same field in bar chart Kibana 条形图按字段平均聚合 - Kibana bar chart avg aggregation by field Kibana-在同一图形的条形图上创建折线图 - Kibana - Create line Chart on Bar Chart in Same graph 使用 Kibana 在同一个条形图上显示两个字段 - Display two fields on the same bar chart using Kibana 使用 Vega-lite 在 Kibana 中分组条形图 - Grouped bar-chart in Kibana using Vega-lite 如何将值放在条形图kibana中的列顶部 - How to put value on top of column in bar chart kibana Kibana 垂直条形图在 X 轴的哪个位置有值总和的桶? - Kibana Vertical Bar Graph where in the X-axis I have buckets for the sum of values? 图表Kibana中的多重字段 - Chart multipile fields in Kibana Kibana 饼图 - Kibana Pie Chart
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM