Control visualization

graimato · May 5, 2021, 9:26am

Dear all,
it is possible to use Control visualization to filter on group of parameters?
Suppose that there are:

Test
- ServerTest-1
- ServerTest-2
Prod
- ServerProd-1
- ServerProd-2

It is possible to have Control to choose Test or Prod and have all information about host.hostname: ServerTest* or host.hostname: ServerProd*?

Thank for your time

Wolfram_Haussig · May 6, 2021, 6:55am

Hi,

Yes, you can - you need a control viz with 2 separate option lists(one for Test/Prod and one for the servers). For the server control you configure the environment as parent:

This leads to the following result:

When you select an environment the hostname becomes active and provides you with a list of hosts to choose from.

Best regards
Wolfram

graimato · May 6, 2021, 9:01am

Thanks @Wolfram_Haussig
for your quick response, I understand the idea and I think that It can works, but do you think that I have to create the

environment field using tags or fields.env from metricbeat.yml file configuration?

thanks so much

Wolfram_Haussig · May 6, 2021, 9:21am

You need to use the fields.env option as tags cannot create keys with values as it is an array of keywords(see definition here). It could be possible to use the tags (though I have not tried it myself) by specifying tags as field name for the environment but if there are other tags added to the event those would show up as well(e.g. grok_parse_failure, ...).

graimato · May 6, 2021, 9:36am

thanks @Wolfram_Haussig ,
I tried with tags and with fields.env I have correct data into discover ex:
fields.env: testenv

but when I try to create the first option list I do not see env Field

thanks so much

Wolfram_Haussig · May 6, 2021, 9:37am

Have you updated the kibana index pattern?

graimato · May 6, 2021, 9:44am

Yes I did but I think that the operation was slow now I have field
Thanks so much for your help

graimato · May 6, 2021, 9:56am

No @Wolfram_Haussig sorry for the previous message. I have the field in to discovery as string but I continue to do not see field in visualization Field. It is strange

Wolfram_Haussig · May 6, 2021, 10:28am

Can you please check what the index pattern page says about this field? I have just checked the documentation here: https://www.elastic.co/guide/en/kibana/current/enhance-dashboards.html

The dropdown menu is dynamically populated with the results of a terms aggregation

My guess is that the field is not marked as aggregatable in the index pattern. more than likely, the field was automatically mapped as text instead of keyword which does not support aggregation.

graimato · May 6, 2021, 10:37am

Thanks so much for your help,
I'll refresh the index I'm sure that your solution is perfect for my problem thanks so much @Wolfram_Haussig

system · June 3, 2021, 10:38am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Visualization and Dashboard Suggestion/Question Kibana	2	429	October 25, 2019
Kibana Control options - show only certain values Kibana	3	597	June 30, 2022
Not all data in controls visualization Kibana Kibana	2	525	December 26, 2019
Visualization of controls kibana 7.2 Kibana	1	279	July 31, 2020
Control vizualization ignore filter Kibana	2	1084	July 2, 2020

Control visualization

Related topics