Compare two values in a single field of same index

sampy12345 · September 22, 2019, 8:35am

Hi All,

I am new to Kibana and wanted to check last 4 hours difference between two values which are in in a single field of same index.

Below is a small example

My Index have 5 fields ( datetime, state, errorcode, filename, os_type)

In state field i have 4 different values( picked, notpicked, completed, inprogress)

My requirement is : In last 4 hour i need to check state fields with picked & completed are how many with counts.

Please help me in sorting out this

markov00 · September 24, 2019, 1:36pm

Hi,
you can achieve this in few different ways:

you can create a horizontal bar visualization with a term bucket aggregation and you can add than a filter on the visualization specifying only picked and completed

Screenshot 2019-09-24 at 15.34.14.png2150×1608 255 KB
similar to the horizontal bar you can have a data table with the same results if you prefer showing just the numbers

If you want the sum of the count of picket and completed, just disable the bucketing and keep the filter on.

system · October 22, 2019, 1:36pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.