Hello to every one,
I have a simple data table visualization that using the sum metric on a field and displaying the results in a data table.
Now my goal is to display only results that the sum is greater than X value. I didn't found any solution to this at the Kibana level, but I've managed to do that in elastic query with bucket selector and script, but from quick searching online I've figured out that bucket selector is not a feature in Kibana visualization at all.
Can someone provide me better option for my use case? Thank you very much!
It is the case that Kibana visualizations currently don't support bucket selector aggregations. There are a couple of options you may be interested in (IMO the first one is simpler):
Use the Transform feature to aggregate the source index into a reporting-friendly index that can be displayed in either Data Tables or Lens.
In the following example, a sample index containing user and value fields groups using the user field as terms and sums value to create a new sum_of_value field; this new sum_of_value field can then be filtered on for display purposes in visualization.
Create a custom data table visualization using Vega and the bucket selector aggregation.
Vega is a declarative language for describing visualizations, and Kibana supports Vega visualizations using data from custom Elasticsearch queries. A data table output would look something as follows; there is no native table element in Vega so one would leverage rectangle and text objects instead; the example code is here.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
