Boolean Operations with Dates

infamous · June 13, 2017, 2:17pm

Hi all,

I'm having trouble trying to implement a filter in Kibana visualization that shows unique counts of a string within certain time periods.

I want to show the unique count of a field in a date range of 0-7 days, and then the unique count of that same field for anything after 8+ days minus values that have already appeared in 0-7 days. In other words, I want to show subset A and subset B but not values that are of A and B using date as the criteria.

Using NOT on a date range does not seem to work. Seems like a simple logic problem but I am struggling. Any suggestions?

Thanks!

Brandon_Kobel · June 13, 2017, 6:39pm

@infamous Elasticsearch doesn't support this type of query, and has limited join support

You can get pretty close to what you're looking for using a bar graph with the following configuration, but it's not excluding items from the 8+ days group that have appeared in the 0-7 days group:

infamous · June 13, 2017, 7:07pm

Thank you so much for the reply @Brandon_Kobel. Good to know I was not missing something simple.

Topic		Replies	Views
How do I apply Date Range filter? Kibana	2	4028	July 6, 2017
How to use Date Range filter in Kibana? Kibana	4	36447	September 10, 2019
Kibana - Exclude field with same value Kibana	8	1656	May 23, 2017
How to write using Kibana search bar Kibana	2	310	February 25, 2019
How to filter certain range of hours for each day in bar chart? Kibana	2	3851	December 5, 2016

Boolean Operations with Dates

Related topics