垂直条形图在基巴纳 [英] Vertical bar chart in Kibana

问题描述

我已经设置了ELK堆栈，并且以下类型的JSON正在被存储在弹性搜索中（以下JSON是从Kibana UI复制的）。

I have set up ELK stack and following type of JSON is getting stored in elasticsearch(following JSON is copied from Kibana UI).

现在，我想显示垂直条形图，当动作等于passthrough时，它将具有前5名主机名

Now I want to display Vertical bar chart which will have Top 5 "hostname" when "action" is equal to "passthrough"

{
    "_index": "logstash-2016.06.16",
    "_type": "utm",
    "_id": "AVVaFcaB7mNsx5uOb1-_",
    "_score": null,
    "_source": {
        "message": "<190>date=2016-06-16 time=22:10:26  hostname=\"googleads.g.doubleclick.net\" profile=\"Software_Dept\" action=passthrough",
        "@version": "1",
        "@timestamp": "2016-06-16T16:40:24.284Z",
        "hostname": "googleads.g.doubleclick.net",
        "profile": "Software_Dept",
        "action": "passthrough"
    },
    "fields": {
        "@timestamp": [
            1466095224284
        ]
    },
    "sort": [
        1466095224284
    ]
}

我被困在这里，能够显示前5名的主机名，但没有被过滤b yaction等于passthrough。

I am stuck here, able to show top 5 hostname but they are not filtered by "action" is equal to "passthrough".

推荐答案

转到发现页面并输入搜索查询： action：passthrough

Go to the Discovery page and enter the search query : action:passthrough

在发现页面中输入查询后，请保存当前搜索：

Kibana文档

Once you've entered your query in the discovery page, save your current search:
Kibana documentation

然后当创建可视化时，选择可视化类型后，您可以使用从保存的搜索中选择您创建的搜索。

在这种情况下，只有搜索中的文档将在图形上。

Then when creating the visualisation, after selecting the visualisation type, you use "From a saved search" to select the search you've created.
In that case only the documents from the search will be on the graph.

这篇关于垂直条形图在基巴纳的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！