Hello, let's say I have temperature readings from devices:
{dev_id, time, temperature}
I would like to do two things:
Show number of readings that have temperature greater than average temperature.
Show number of devices that have temperature greater than average temperature.
I was thinking about using timelion's "if" function but as I understand it, it is for filtering computed aggregates, where I would like to filter the "RAW" events before I apply aggregations on them.
Best I know there isn't a way to filter by the result of an aggregation (in this case an average aggregation). You might be able to get part of the way with the percentiles metric, which could show you things like how many readings are in the 50-th percentile, but I'm not 100% that's what you're looking for...
Thank you for the replay. Would it be possible to have that percentile computed on device not event level?
I mean, let's say I have events of logging into the system. If the logging was successful I have "success:1", otherwise 0.
Is it possible to somehow show distribution of users by successful rate?
In SQL I would do something like:
select avg(success) from events group by user_id
And then draw a histogram from the distribution of users or show multiple percentiles, but I'm somehow not able to translate it to Kibana's visualisation. Groupping by terms allows to group only by fixed number of them. I feel like I'm missing something simple here
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.