Create conditional field based on aggregation in table view

Dani_Ruse · February 19, 2020, 12:26pm

Hello all,

I want to create a table with an "Error" column which will be populated with the values "YES" or "NO", depending on whether a sum aggregation has the value lower or greater than 0.

My metric looks as such:

The only problem is that I don't want to display the actual sum of errors, but I want to display YES if sum (error) > 0 and "NO" otherwise.

Is there a way to do that in Kibana? Where should I insert this condition?

Thanks in advance!

wylie · February 19, 2020, 3:55pm

You can't do this in the Kibana Table visualization because it doesn't support bucket scripts like the one you are interested in doing. Here are your options:

Write an ES SQL query in Kibana Canvas that can display this data
Write a custom query and visualization in Vega
Use a Continuous Transform to index pre-aggregated data, and then you can script against the pre-aggregated data

system · March 18, 2020, 3:55pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.