Drawing a time based graph

George915 · March 22, 2022, 7:47pm

Hi ELK community, newbie ELK user here.
I have a time based document as shown below and I was able to insert it in my Elasticsearch. I set up the timestamps field as a date date type. Timestamps are epoch time. I want to draw a graph using the values in the timestamps node as the x-axis, and the values in the values node as the y-axis. How can I do that in Kibana?
thanks in advance.

{
    "totalCount": 1,
    "nextPageKey": null,
    "resolution": "1m",
    "result": [
        {
            "metricId": "some_id",
            "data": [
                {
                    "dimensions": [
                        "SERVICE-AC6A35F295E50FEB"
                    ],
                    "dimensionMap": {
                        "dt.entity.service": "SERVICE-AC6A35F295E50FEB"
                    },
                    "timestamps": [
                        1647643020000,
                        1647643080000,
                        1647643140000,
                        1647643200000,
                        1647643260000,
                        1647643320000,
                        1647643380000,
                        1647643440000,
                        1647643500000,
                        1647643560000,
                        1647643620000,
                        1647643680000,
                        1647643740000,
                        1647643800000,
                        1647643860000,
                        1647643920000,
                        1647643980000,
                        1647644040000,
                        1647644100000,
                        1647644160000,
                        1647644220000,
                        1647644280000,
                        1647644340000,
                        1647644400000,
                        1647644460000,
                        1647644520000,
                        1647644580000,
                        1647644640000,
                        1647644700000,
                        1647644760000,
                        1647644820000,
                        1647644880000,
                        1647644940000,
                        1647645000000,
                        1647645060000,
                        1647645120000,
                        1647645180000,
                        1647645240000,
                        1647645300000,
                        1647645360000,
                        1647645420000,
                        1647645480000,
                        1647645540000,
                        1647645600000,
                        1647645660000,
                        1647645720000,
                        1647645780000,
                        1647645840000,
                        1647645900000,
                        1647645960000,
                        1647646020000,
                        1647646080000,
                        1647646140000,
                        1647646200000,
                        1647646260000,
                        1647646320000,
                        1647646380000,
                        1647646440000,
                        1647646500000,
                        1647646560000,
                        1647646620000
                    ],
                    "values": [
                        33668.676711439424,
                        33007.39453125,
                        32910.22194298323,
                        33005.921739022946,
                        32973.4765625,
                        33148.703125,
                        33745.24221956224,
                        33266.625,
                        32821.60546875,
                        33531.44784182393,
                        32466.424982123037,
                        32682.992745165175,
                        32903.4431323902,
                        32871.4921875,
                        32705.736328125,
                        32596.0703125,
                        33155.5038051792,
                        33096.03129281958,
                        33129.944752268864,
                        32986.76763337606,
                        33257.97265625,
                        33350.9609375,
                        33218.35231977859,
                        32965.47322674551,
                        33027.58203125,
                        32756.281625387855,
                        32718.438373766447,
                        33024.555585118826,
                        33001.69140625,
                        32910.3671875,
                        32806.40824128301,
                        32864.33984375,
                        33224.4765625,
                        33561.46484375,
                        33389.38651036219,
                        33511.05859375,
                        32995.08900885784,
                        33305.66143887801,
                        33517.86830953862,
                        32934.625,
                        32881.85546875,
                        33318.37152169765,
                        33436.265408921514,
                        33706.43359375,
                        33738.11210749699,
                        33287.52156952486,
                        33490.91796875,
                        33611.453125,
                        33772.046875,
                        33301.79296875,
                        33586.15625,
                        33160.26171875,
                        33637.86818154916,
                        32987.95055329398,
                        33281.55859375,
                        33118.62801149273,
                        32916.746851702854,
                        32821.869818457446,
                        32475.644211351,
                        32851.913126518644,
                        null
                    ]
                }
            ]
        }
    ]
}

flash1293 · March 29, 2022, 8:57am

Is the JSON from your post a single document? If yes, it will be hard to visualize in Kibana in this shape - maybe you can change it to be broken up into separate documents per data point?

{ timestamp: 1647643020000, value: 33668.676711439424  }
{ timestamp: 1647643080000, value: 33007.39453125  }
...

Those are much easier to deal with in Kibana.

It is also possible to visualize the document in it's current shape, but it would require you to use the vega language to do the processing (matching timestamps and values to pairs, flattening them out and passing them to the chart) which is probably harder to maintain in the long run than to do this processing before indexing the data into Elasticsearch in the first place.

Let me know whether that makes sense, I can help you with follow-up questions in either direction.

system · April 26, 2022, 8:57am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Line chart data problem Kibana	2	292	December 24, 2018
Need to generate response time graphs from apache logs, average and pct95 Kibana	4	2187	July 20, 2018
Kibana split based on date Kibana	3	1417	November 9, 2017
Using X-axis values in queries to determine Y-axis in Kibana Kibana	4	521	June 25, 2018
Kibana cannot visualize my variables. Kibana	2	132	March 25, 2024

Drawing a time based graph

Related Topics