Daily Average Count visualization help

Elastic Stack Kibana
1

Hi guys,

I've only just started visualizing some data for my work and I was hoping someone could advise how to best go about this request:

  • For each error code there is a comparison count of Current Day errors to daily Average using previous 7 days.

So in my data, every document has an error code associated with it (0 being no error).

Is there a nice way to visualize this data? perhaps in a data table? I know I need to split the data on the errorNo term however I am a bit lost trying to figure out which type of bucket aggregation I should be using to do the comparison of current day to the past 7 days daily average.

My first guess is something with the Average Bucket aggregation type but I don't know what Sub Aggregation would be correct.

Any tips?

Thank you :slight_smile:

2

Actually I think I just figured this out. :smiley:

I used a Data Table to visualize this:

Metrics

Sum Bucket Metric

  1. Sum Bucket Aggregation
  2. Date Range Aggregation
  3. @timestamp Field
  4. From: now/d-10 To: now

Average Bucket Metric

  1. Average Bucket Aggregation
  2. Date Histogram Aggregation
  3. @timestamp Field
  4. Daily Interval

Buckets

  1. Split Rows
  2. Terms Aggregation
  3. errorNo field
  4. Order by Custom Metric: Count

:+1:

3

Might also mention: date range visualization should default to desktop timezone #14450

Ran into this issue when doing the Sum Bucket Aggregation. Would be nice if now used the browser's TimeZone (or whatever was specified in the Kibana general settings)