I have logs with many EventIDs which all contain SubIDs. Now I want to create a pie chart for each eventId value which slices are splitted by the count of the contained SubIDs. The chart with the highest amount of logs should be displayed at the very first place (left) so in descending order.
Since there are more than 100 eventIds it would be very annoying to create one chart for each EventID. So is it possible to do it automatically and have all of the created charts in one widget in descending log count order?
In the aggregations, nest your aggregations from high level to low level.
So, do "split charts" on the EventID first, then do "split slices" on the subIds. Your metric is Count. That should produce a visualization that roughly looks like that picture.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
