I'm trying to create a bar graph that counts hosts that have returned HTTP 500 in response to a request. The relevant record structure:
{ "host": <hostname>, "status": <HTTP response status> }
In SQL this would be "SELECT COUNT(*) FROM logs WHERE status=500 GROUP BY host". Not sure how to do this in Kibana. 
I got it figured out. What I did was to create a vertical bar visualization where the Y axis was "count" and the X axis was a "Terms" aggregation with "host" as the term. Then, in the search bar, I put "status: 500". This gave me the count I needed.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.