Calculate values during visualize log data with Kibana4

Elastic Stack Elasticsearch
1

Hello

I am trying to evaluate ELK to help visualize my log data as we did with
other tools till now.
I have some log data like

15 1424376130.979 84 10.0.0.210 TCP_MISS/200 104708 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
16 1424376132.409 11 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
17 1424376133.240 10 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
18 1424376133.937 11 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
19 1424376134.644 6 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
20 1424376135.366 9 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
21 1424376136.057 11 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
22 1424376136.821 12 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
23 1424376137.410 25 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
24 1424376137.956 12 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
25 1424376138.508 23 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
26 1424376139.142 17 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
27 1424376139.713 26 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
28 1424376140.404 20 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
29 1424376141.084 21 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
30 1424376141.677 25 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
31 1424376142.216 25 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
32 1424376142.937 44 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
33 1424376144.726 13 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
34 1424376170.692 32 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
35 1424376172.692 213 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
36 1424376173.400 10 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
37 1424376174.895 9 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET
http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org
text/html
38 1424376274.397 1384 10.0.0.210 TCP_MISS/200 86976 GET
http://www.citrix.co.jp/products.html?posit=glnav - DIRECT/www.citrix.co.jp
text/html

These log data is with timestamp in the unit of milliseconds. I succeed to
put it into elasticsearch, but can somebody advise how I can do this with
kibana4?

  • Calculate the HIT ratio per second. The Hit ration will be calculated as
    the percentation of "HIT" happens among all logs in that time.

Thanks,
Cong

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/9c3cba40-48d0-4837-a1f0-62b06f12740c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.