I have a requirement to capture hourly count. Basically i'm pulling the data from database through logstash and storing in elastic search and want to prepare dashboard in Kibana.
The count is pulled in such a way that I get count for entire day from 12 AM and the query is executed at 59th min. E.q. at 12.59 AM query fire and with get the "count_in_today" as 100, 1.59 AM "count_in_today" would be 135, 2.59 AM "count_in_today" would be 200 and so on.
I want to show data in kibana in hourly manner. 1 AM - Count 100, 2 AM - Count 35, 3 AM - Count 65.
I also have a field "hour_now" type number which gives hour in 24hrs format when query gets executed. E.g. at 12.59AM, "hour_now" = 0, at 1.59AM, "hour_now"=1
I don't find any way to segregate the data.