For this advent post, I decided I will ask my teammates for their favourite Kibana application. We all picked discover.
Kibana's discover is the most used application of Kibana. It lets you explore your data and ask questions to understand your data. You can also look at distribution of data, top values, do a quick visualization, add run time fields, add a data view, create alerts, generate reports etc. It's a very powerful tool. Of course, you can use it to explore both time-series and non-time series data.
Discover has a sparkly new table now. Its also doing its best to be accessible.
You can use the search bar to ask your questions to discover:
Notice all the new actions you can do on the columns. You can also go full screen.
Full screen:
You can resize discover histogram to see a bigger chart:
You can go inside a document, explore the surrounding documents:
Field statistics tab gives us the ability to check how many documents in the sample contain each field for the selected time period the number of distinct values, and the distribution. Note that you can also explore in lens from under actions.
From discover side bar, there are many actions you can do. You can create a data view(you can save the dataview or use it without saving), switch to a different data view, manage a particular data view.
You can filter fields:
You can add a field:
You can filter in/out or add fields to the column or visualize a column so:
And we also have this awesome new capability to add search threshold alerts in discover to help you:
Hope this quick glance helps you to start exploring your data in Kibana's discover.