stackoom
  简体   繁体   中英

Vertical bar chart in Kibana

 原文  2016-06-16 17:14:50       elasticsearch/ logstash/ kibana/ kibana-4/ elastic-stack

Question

I have set up ELK stack and following type of JSON is getting stored in elasticsearch(following JSON is copied from Kibana UI).

Now I want to display Vertical bar chart which will have Top 5 "hostname" when "action" is equal to "passthrough" 

{
    "_index": "logstash-2016.06.16",
    "_type": "utm",
    "_id": "AVVaFcaB7mNsx5uOb1-_",
    "_score": null,
    "_source": {
        "message": "<190>date=2016-06-16 time=22:10:26  hostname=\"googleads.g.doubleclick.net\" profile=\"Software_Dept\" action=passthrough",
        "@version": "1",
        "@timestamp": "2016-06-16T16:40:24.284Z",
        "hostname": "googleads.g.doubleclick.net",
        "profile": "Software_Dept",
        "action": "passthrough"
    },
    "fields": {
        "@timestamp": [
            1466095224284
        ]
    },
    "sort": [
        1466095224284
    ]
}

I am stuck here, able to show top 5 hostname but they are not filtered by "action" is equal to "passthrough".

在此处输入图片说明

2 answers

solution1
 1  2016-06-17 09:04:22

There are couple of solutions for it as you need to add a filter to your records of action=passthrough.

  1. Go to Discover Page and enter in the search query :-

action:passthrough

  1. In Discover page you can select the filter from the field list panel, wherein you can click on the field name ie action and select the positive magnifier (button) corresponding to the passthrough name.

  2. You can also create a filter by observing a record in Discover page and click on the positive magnifier button corresponding to the field and value name.

You can even pin the filter which will persist across various tabs of Kibana ie if you create a filter in Discover page, evern if you open Visualize or Dashboard page the filter will be added.

  1. Directly within your visualization, you can add Filters aggregation or sub-aggregation specifying action:passthrough.

solution2
 1 ACCPTED  2016-06-17 13:47:54

Go to the Discovery page and enter the search query : action:passthrough

Once you've entered your query in the discovery page, save your current search:
Kibana documentation

Then when creating the visualisation, after selecting the visualisation type, you use "From a saved search" to select the search you've created.
In that case only the documents from the search will be on the graph.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Kibana 5.4.0 - Vertical Bar Data Visualization Issue Kibana, grouping values of same field in bar chart Kibana bar chart avg aggregation by field Kibana - Create line Chart on Bar Chart in Same graph Display two fields on the same bar chart using Kibana Grouped bar-chart in Kibana using Vega-lite How to put value on top of column in bar chart kibana Kibana Vertical Bar Graph where in the X-axis I have buckets for the sum of values? Chart multipile fields in Kibana Kibana Pie Chart
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM