Hello,
I am using ELK Stack 7.3.2 and working on a use case where a query that displays all rows which will have not had an update within 2 minutes as status=DOWN otherwise UP or WARN.
I was playing with Canvas and was able to get it partially working using DataTable element.
Is there a way to clean it up and show colors for UP green and DOWN read in any way possible?
filters
| essql
query="SELECT processName, processType, hostname, status, NOW() as Now, "@timestamp" as Time, 0 as Diff FROM "boris-index" "
| mapColumn "Time" expression={getCell "Time" | formatdate "X"}
| mapColumn "Now" expression={getCell "Now" | formatdate "X"}
| alterColumn "Time" type="number"
| alterColumn "Now" type="number"
| mapColumn "Diff" expression={math "subtract(Now,Time)"}
| mapColumn "status" expression={if {getCell "Diff" | gt 120} then="DOWN" else={getCell "status"}}
| columns exclude="Now,Time,Diff"
| table
| render
Is there a way to make it more usable to visualize uptime?