Discover - sort on custom fields

Elastic Stack Kibana
1

Hi,

have searched a bit here already. I found many similar questions but no answers. I hope to not annoy by asking: How can I configure the default sorting fields and order in Discover?

To make my point, I could basically copy the request from here: Sorting on custom field.

The major point in there is this:

I would like sort by this [sequence] field automatically, without doing it in Discover manually.
At best, kibana would sort the events by timestamp first and sort the field with the same timestamp by the sequence number.

The topic referred above was closed automatically without further info on solutions/approaches.

I'm using elasticsearch 6.3 with kibana 6.3. What does the Management > Advanced Settings > sort:options really do -- it seems to be ignored completely by now!? Documentation link on that one is not helpful because...

...if I use the Dev Tools > Console and do e.g.

GET _search
{
  "query": {
    "match": { 
      "@timestamp" :  "2018-07-10T12:46:20.615Z"  }
  },
  "sort": [
    { "@timestamp" : "desc" }, 
    { "sequence" : "desc" }
  ]
}

I get the result I want (see quote above).

How do I get Discover to search the same way?

Thanks, indeed!

2

Hi there, please follow this issue for progress on this feature.

Thanks,
CJ

3

You mean the issue you have ignored for nearly five years?

4

Hi Martin,

We've worked hard on numerous other features and bug fixes during this time, and we're here on this forum to help people who want to use our products. Please engage civilly and we'd be glad to try to help you too. Thank you!

Best,
CJ

5

@CJ: But Martin has a point there: The GitHub issue is 5 years old and it doesn't exactly show progress, indeed.

Back to the original topic: What about one of my questions:

What does the Management > Advanced Settings > sort:options really do -- it seems to be ignored completely by now!?

Is there any other documentation explaining if and how that is supposed to be used? As mentioned before, the link into the elasticsearch documentation's sort feature doesn't help.

Not that I expect that this setting solves somehow my actual requirement but it would still be nice to know what the setting does.

Thanks!