Create conditional field based on aggregation in table view

Dani_Ruse · February 19, 2020, 12:26pm

Hello all,

I want to create a table with an "Error" column which will be populated with the values "YES" or "NO", depending on whether a sum aggregation has the value lower or greater than 0.

My metric looks as such:

The only problem is that I don't want to display the actual sum of errors, but I want to display YES if sum (error) > 0 and "NO" otherwise.

Is there a way to do that in Kibana? Where should I insert this condition?

Thanks in advance!

wylie · February 19, 2020, 3:55pm

You can't do this in the Kibana Table visualization because it doesn't support bucket scripts like the one you are interested in doing. Here are your options:

Write an ES SQL query in Kibana Canvas that can display this data
Write a custom query and visualization in Vega
Use a Continuous Transform to index pre-aggregated data, and then you can script against the pre-aggregated data

system · March 18, 2020, 3:55pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to filter visualization based on result of aggregate? Kibana	3	3587	May 2, 2018
If condition in Kibana Table Visualization Kibana	6	3626	June 29, 2022
Remove aggregated sums that equal to 0 from visualization Kibana	2	298	February 23, 2021
Bucket selector Kibana Data table visualization Kibana	2	1864	July 9, 2021
Add new field in Kibana based off condition Kibana	2	508	November 16, 2021

Create conditional field based on aggregation in table view

Related Topics