使用 ElasticSearch 术语聚合动态创建的存储桶构建 Kibana 直方图 [英] Build a Kibana Histogram with buckets dynamically created by ElasticSearch terms aggregation
问题描述
我希望能够结合 Kibana Terms Graph 的功能(能够根据来自特定属性的值的唯一性创建存储桶)和 直方图(根据查询将数据分成桶,然后根据时间说明日期).
I want to be able to combine the functionality of the Kibana Terms Graph (be able to create buckets based on uniqueness of values from a particular attribute) and Histogram Graph (separate data into buckets based on queries and then illustrate the date based on time).
总的来说,我想创建一个直方图,但我只想根据一个查询的结果创建直方图,而不是像在 Kibana 演示应用.相反,我希望根据我的特定字段的唯一值动态创建每个存储桶.例如,考虑我的查询返回的以下数据:
Overall, I want to create a Histogram, but I only want to create the Histogram based on the results of one query, not multiple queries like it's being done in the Kibana demo app. Instead, I want each bucket to be dynamically created per unique value of my particular field. For example, consider the following data returned by my query:
{"myValueType": "New York"}
{"myValueType": "New York"}
{"myValueType": "New York"}
{"myValueType": "San Francisco"}
{"myValueType": "San Francisco"}
还假设每条记录都有一个 timestamp 字段,用于按日期分隔直方图数据.对于那个特定日期,我希望将数据作为计数 3 传送到 New York 存储桶中,并将 2 计数传送到 San Francisco 存储桶中.但是,我只能为我的一个链接查询显示 5 个计数.当我配置直方图时,我可以指定一个字段用于我的时间戳,但不能从中创建存储桶.我可以发送一个字段来计算总/最小值/最大值/平均值,但这个字段必须是数字,所以这也不是解决方案.
Also assume that each record has a timestamp field for separating histogram data by date. For that particular date, I want the data to be communicated as a count of 3 into the New York bucket and a count of 2 into the San Francisco bucket. However, I am only able to show a count of 5 for my one linked query. When I configure the Histogram, I am able to specify a field to use for my timestamp, but not to create buckets from. I could've sent a field to compute a total/min/max/mean, but this field would've had to be numeric, so that is not the solution either.
如果我要使用术语图来创建饼图或条形图,我确实能够根据我指定字段的唯一值(在本例中为myValueType")将我的数据分成存储桶,但这将汇总所有时间的数据,而不是按时间戳拆分数据.虽然这是很好的信息,但并不理想,因为我无法检测数据中的趋势.
If I were to use a Term Graph to create a pie or bar graph, I am indeed able to separate my data into buckets based on the unique values of my specified field (in this case, "myValueType"), but this would total up the data for all-time, not split up the data by timestamp. Although this is good information to know, it is not ideal because I wouldn't be able to detect trends in my data.
我正在寻找可以执行以下操作之一的解决方案:
I am looking for a solution that will do one of the following:
- 让我在 Kibana 仪表板中动态创建查询以在直方图中创建桶"
- 请允许我运行一个 ElasticSearch 术语聚合 应该根据myValueType"将我的数据拆分到存储桶中,并将这些结果整合到我的直方图中
- 自定义我的仪表板的 JSON,但这在我看来是不可能的
- 创建我自己的自定义面板,但这是不可取的
- 在 Kibana 中链接一个 KibanaTopN"查询.实际上,这已被证明是解决我的问题的方法,因为 TopN 查询从指定的 fieldName 为每个唯一值/术语动态创建一个查询.但是,问题是我只能将一种颜色链接到此 TopN 查询,并且每个唯一术语都将放置在使用不同颜色阴影的存储桶中.理想情况下,我的直方图中的每个桶都有与之相关的完全不同的颜色.想象一下,随着存储桶数量的增加,区分唯一术语将变得多么困难.
- 如果一切都失败了,我会从我的搜索字段中针对每个唯一值进行一次查询.这将允许我为每个存储桶使用一种唯一颜色,但随着myValueType"字段中唯一术语的数量发生变化,我需要继续从 Kibana 添加/删除查询,这可能会变得非常混乱.
- Let me dynamically create queries in my Kibana dash board to create "buckets" in a Histogram
- Allow me to run an ElasticSearch Terms Aggregation to supposidly split up my data into buckets based on "myValueType" and integrate these results into my Histogram
- Customize the JSON of my dashboard, but this doesn't look possible to me
- Create my own custom panel, but this is not desirable
- Link a Kibana "TopN" query in Kibana. Actually, this has proven to be a work-around for my problem because the TopN query dynamically created one query per unique value/term from the specified fieldName. However, the problem is that I can only link one colour to this TopN query and each unique term will be placed in a bucket that uses a different shade of the colour. Ideally, every bucket in my Histogram will have a completely different colour associated to it. Imagine how difficult it will be to distinguish unique terms as the number of buckets grows.
- If all else fails, I make one query per unique value from my search field. This will allow me to have one unique colour per bucket, but as the number of unique terms in the "myValueType" field changes, I need to keep adding/removing queries from Kibana, which can get quite messy.
我确定我在这里缺少一些东西.请帮帮我.非常感谢.
I'm sure there is someting that I am missing here. Please help me out. Many thanks.
一个高度相关的 SOF 问题:是否可以在 Kibana 中使用 Histogram Facet 或其卷曲响应
A highly related SOF question: Is it Possible to Use Histogram Facet or Its Curl Response in Kibana
推荐答案
这将是一个很棒的功能.看起来它会在 Kibana4 中得到支持,但似乎没有比这更多的信息了.
This would be a great feature. It looks like it will be supported in Kibana4, but there doesn't seem to be much more info out there than that.
供参考:https://github.com/elasticsearch/kibana/issues/1249
这篇关于使用 ElasticSearch 术语聚合动态创建的存储桶构建 Kibana 直方图的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
