I use: Kibana, Elastic, MetricBeat
I try to recreate this example: https://www.elastic.co/guide/en/kibana/6.1/timelion-math.html
with system.network.out.bytes but I get negative values.
Why I get negative values? Why we have to use max but not avg here?
When I split it by value "beat.hostname" I also get negative values:
It looks to me like some of the ranges possibly have no data, meaning the max system.network.in.bytes is 0 for that interval. Could you try setting an interval to something other than "auto", like perhaps "1m"?
The reason you're getting negative values is because a derivative shows the rate of change, and if you have one interval where the value is 10 million, and then the next interval has no data (and thus a max of 0), the rate of change is -10 million, which is what is displayed in the graph.
What in such case is the best to use: avg or max?
Here is the result when I use interval = 1m
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
