Drawing a time based graph

George915 · March 22, 2022, 7:47pm

Hi ELK community, newbie ELK user here.
I have a time based document as shown below and I was able to insert it in my Elasticsearch. I set up the timestamps field as a date date type. Timestamps are epoch time. I want to draw a graph using the values in the timestamps node as the x-axis, and the values in the values node as the y-axis. How can I do that in Kibana?
thanks in advance.

{
    "totalCount": 1,
    "nextPageKey": null,
    "resolution": "1m",
    "result": [
        {
            "metricId": "some_id",
            "data": [
                {
                    "dimensions": [
                        "SERVICE-AC6A35F295E50FEB"
                    ],
                    "dimensionMap": {
                        "dt.entity.service": "SERVICE-AC6A35F295E50FEB"
                    },
                    "timestamps": [
                        1647643020000,
                        1647643080000,
                        1647643140000,
                        1647643200000,
                        1647643260000,
                        1647643320000,
                        1647643380000,
                        1647643440000,
                        1647643500000,
                        1647643560000,
                        1647643620000,
                        1647643680000,
                        1647643740000,
                        1647643800000,
                        1647643860000,
                        1647643920000,
                        1647643980000,
                        1647644040000,
                        1647644100000,
                        1647644160000,
                        1647644220000,
                        1647644280000,
                        1647644340000,
                        1647644400000,
                        1647644460000,
                        1647644520000,
                        1647644580000,
                        1647644640000,
                        1647644700000,
                        1647644760000,
                        1647644820000,
                        1647644880000,
                        1647644940000,
                        1647645000000,
                        1647645060000,
                        1647645120000,
                        1647645180000,
                        1647645240000,
                        1647645300000,
                        1647645360000,
                        1647645420000,
                        1647645480000,
                        1647645540000,
                        1647645600000,
                        1647645660000,
                        1647645720000,
                        1647645780000,
                        1647645840000,
                        1647645900000,
                        1647645960000,
                        1647646020000,
                        1647646080000,
                        1647646140000,
                        1647646200000,
                        1647646260000,
                        1647646320000,
                        1647646380000,
                        1647646440000,
                        1647646500000,
                        1647646560000,
                        1647646620000
                    ],
                    "values": [
                        33668.676711439424,
                        33007.39453125,
                        32910.22194298323,
                        33005.921739022946,
                        32973.4765625,
                        33148.703125,
                        33745.24221956224,
                        33266.625,
                        32821.60546875,
                        33531.44784182393,
                        32466.424982123037,
                        32682.992745165175,
                        32903.4431323902,
                        32871.4921875,
                        32705.736328125,
                        32596.0703125,
                        33155.5038051792,
                        33096.03129281958,
                        33129.944752268864,
                        32986.76763337606,
                        33257.97265625,
                        33350.9609375,
                        33218.35231977859,
                        32965.47322674551,
                        33027.58203125,
                        32756.281625387855,
                        32718.438373766447,
                        33024.555585118826,
                        33001.69140625,
                        32910.3671875,
                        32806.40824128301,
                        32864.33984375,
                        33224.4765625,
                        33561.46484375,
                        33389.38651036219,
                        33511.05859375,
                        32995.08900885784,
                        33305.66143887801,
                        33517.86830953862,
                        32934.625,
                        32881.85546875,
                        33318.37152169765,
                        33436.265408921514,
                        33706.43359375,
                        33738.11210749699,
                        33287.52156952486,
                        33490.91796875,
                        33611.453125,
                        33772.046875,
                        33301.79296875,
                        33586.15625,
                        33160.26171875,
                        33637.86818154916,
                        32987.95055329398,
                        33281.55859375,
                        33118.62801149273,
                        32916.746851702854,
                        32821.869818457446,
                        32475.644211351,
                        32851.913126518644,
                        null
                    ]
                }
            ]
        }
    ]
}

flash1293 · March 29, 2022, 8:57am

Is the JSON from your post a single document? If yes, it will be hard to visualize in Kibana in this shape - maybe you can change it to be broken up into separate documents per data point?

{ timestamp: 1647643020000, value: 33668.676711439424  }
{ timestamp: 1647643080000, value: 33007.39453125  }
...

Those are much easier to deal with in Kibana.

It is also possible to visualize the document in it's current shape, but it would require you to use the vega language to do the processing (matching timestamps and values to pairs, flattening them out and passing them to the chart) which is probably harder to maintain in the long run than to do this processing before indexing the data into Elasticsearch in the first place.

Let me know whether that makes sense, I can help you with follow-up questions in either direction.

system · April 26, 2022, 8:57am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Line chart data problem Kibana	2	293	December 24, 2018
How to create a Graph Kibana	2	268	November 2, 2020
Display non Aggregated field on Y-axis with date Histogram Kibana	6	3405	July 6, 2017
Plot a scattard graph in kibana by using 2 fields, one on y axis and other on x axis Kibana	2	271	September 27, 2020
How to plot timestamp field against a float field in kibana Kibana	11	1359	June 27, 2019

Drawing a time based graph

Related topics