Hi Darpan,
You can use Groovy scripts within Kibana, but you have to use some of its advanced features to effectively make it do what you want. However, the way to do it depends on where the script needs to go. Can you write the query that you want to be processed?
{
"query" : {
"filtered" : {
"script" : {
"script" : "your-script-name"
}
}
}
}
If that's the case, then you can actually supply the inner-query portion in the Kibana search box:
{ "filtered" : { "filter" : { "script" : { "script" : "your-script-name" } } } }
If you want to use your script to customize an aggregation value, then you can do that too, but it takes a few extra steps.
-
Create a custom script field. The value of it is irrelevant, but this is limited because Kibana's script fields are currently only able to use Lucene Expressions, which can only work with numeric fields (not dates, nor strings). For this example, I created one named
custom.count. -
In the Visualization, select the script field.
-
Once selected, expand the "Advanced" link below the field.
-
Under the advanced link, enter your script into the JSON Input field as shown. Be sure to add the
"lang" : "groovy"portion in order to override the script field's"lang" : "expression".
-
From there, the
custom.countfield (as shown) is replaced with the JSON Input that you supply. Any field(s) that you supply, such as"script"or"lang"will override those supplied by Kibana. If you don't override it, then it gets combined with your input. This is why it's necessary to create a script field.You can see the results of your efforts by clicking on the arrow directly below the visualization. From there, you can select the "Request" button/tab and see the request that is sent to Elasticsearch. You can use that to understand how your request is actually being sent. Note: I actually tested it with a dynamic script, which I have enabled locally for testing; using dynamic scripts is absolutely not recommended for production.
Hope that helps.