Aggregation in Kibana or Elasticsearch


(Praveen Shilavantar) #1

Hi,

I am new to Elasticsearch and Kibana. I have loaded some log data into
Elasticsearch and I have a field called "LogDetail" and the content looks
like below

Antenna plate 1 temperature: 40.00 degC

I would like to get the log events/documents for temperature > 70.00 degC.
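This is how we are doing it in MySQL.

-- characters 30-34 of the sample line hold the reading, e.g. "40.00"
SELECT substring(log_detail, 30, 5) AS temp
FROM log_table
-- leading % added so the pattern matches the text before "temperature:"
WHERE log_detail LIKE '%temperature: %'
HAVING temp > 70.00

Is this something we can do with an Elasticsearch query, or does the data need to be
parsed to get the temperature value out of it while loading the data?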

Thanks



(Praveen Shilavantar) #2

The below query worked for me.

LogDate:[2013-08-01 TO 2013-08-10] AND (LogDetail:"Antenna plate 1 temperature:*" AND LogDetail:[70.00 TO 80.00])

On Wed, Apr 23, 2014 at 6:19 PM, Praveen Shilavantar prazzee@gmail.com wrote:

Hi,

I am new to Elasticsearch and Kibana. I have loaded some log data into
Elasticsearch and I have a field called "LogDetail" and the content looks
like below

Antenna plate 1 temperature: 40.00 degC

I would like to get the log events/documents for temperature > 70.00 degC.
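This is how we are doing it in MySQL.

-- characters 30-34 of the sample line hold the reading, e.g. "40.00"
SELECT substring(log_detail, 30, 5) AS temp
FROM log_table
-- leading % added so the pattern matches the text before "temperature:"
WHERE log_detail LIKE '%temperature: %'
HAVING temp > 70.00

Is this something we can do with an Elasticsearch query, or does the data need to
be parsed to get the temperature value out of it while loading the data?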

Thanks

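Added example (not part of either post, and not Elasticsearch code): one way to take the parse-at-load-time route the question asks about, pulling the reading out of LogDetail into a numeric field so that "> 70.00" becomes a numeric comparison. It also shows how a range over string terms behaves, since strings compare character by character. The field names `plate` and `temperature_c`, the regex and the sample documents are assumptions constructed for illustration.

```python
import re

# Assumed line shape, taken from the sample in the question:
#   "Antenna plate 1 temperature: 40.00 degC"
TEMP_RE = re.compile(
    r"^Antenna plate (?P<plate>\d+) temperature:\s*"
    r"(?P<value>-?\d+(?:\.\d+)?)\s*degC\s*$"
)

def enrich(doc):
    """Return a copy of doc with numeric fields parsed out of LogDetail.

    Documents that do not match are returned unchanged, so other log
    lines still get indexed; they simply have no temperature_c field.
    """
    out = dict(doc)
    m = TEMP_RE.match(doc.get("LogDetail", ""))
    if m:
        out["plate"] = int(m.group("plate"))            # hypothetical field name
        out["temperature_c"] = float(m.group("value"))  # hypothetical field name
    return out

def hotter_than(docs, threshold):
    """Numeric filter, the equivalent of HAVING temp > threshold."""
    return [d for d in docs if d.get("temperature_c", float("-inf")) > threshold]

def lexicographic_range(terms, low, high):
    """What a range over string terms does: compare character by character."""
    return [t for t in terms if low <= t <= high]

# Constructed sample documents (not from the original thread).
SAMPLE = [
    {"LogDate": "2013-08-02", "LogDetail": "Antenna plate 1 temperature: 40.00 degC"},
    {"LogDate": "2013-08-03", "LogDetail": "Antenna plate 1 temperature: 71.25 degC"},
    {"LogDate": "2013-08-04", "LogDetail": "Antenna plate 2 temperature: 105.50 degC"},
    {"LogDate": "2013-08-05", "LogDetail": "Antenna plate 1 temperature: 9.75 degC"},
    {"LogDate": "2013-08-06", "LogDetail": "Link state changed to up"},
]

ENRICHED = [enrich(d) for d in SAMPLE]

if __name__ == "__main__":
    for d in hotter_than(ENRICHED, 70.00):
        print(d["LogDate"], d["plate"], d["temperature_c"])
    # As strings, "8" and "700.00" fall inside ["70.00", "80.00"], while
    # "105.50" sorts below "70.00" and would be missed by an open-ended range.
    print(lexicographic_range(["40.00", "71.25", "105.50", "8", "700.00"], "70.00", "80.00"))
```

Once the extracted field is mapped as a number in the index, a range on it compares values numerically instead of as text.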

