Calculating Average Daily Count over 30 Days

Clay_Curtis · January 31, 2021, 3:21pm

I am trying to make a table visualization that shows the 30-day averages of the daily averages of log volume (count) per per log source split by type.

For example,

If I have 10 log sources, half are firewalls, and half are windows hosts. Firewalls send logs that are of type “firewall”, and windows hosts send logs of type “wineventlog”.

I am trying to see what the 30-day average of the daily average document count is per host split by type.

I cannot seem to get the kibana table visualization quite right for this. Does anyone know how to do this calculation?

ppisljar · February 1, 2021, 7:42am

in classical visualizations this won't be possible. You can do a moving avarage but you can't specify your period (30 day). This might be possible from TSVB however, selectng moving average aggregation you can select the window size.

under panel options select daily interal
count metric
moving average metric with window size 30 on count
group by term on your log type field

i hope this is helpful.

Topic		Replies	Views
Get average of daily count in Kibana Data Table visualization Kibana	2	3355	August 2, 2018
Average number of logs Kibana	2	1022	September 3, 2018
30 Day Daily Average Gauge Kibana	4	1085	July 27, 2021
Average and Count metric in the same Vertical Bar Kibana	2	773	February 26, 2020
Visualize moving average and standard devaition of daily count Kibana	2	1355	July 6, 2017

Calculating Average Daily Count over 30 Days

Related topics