Exclude records by an existing value in a group

Carlos_Arturo_Bernal · February 4, 2020, 4:25pm

Hello,

I'm currently storing in ElasticSearch build data from Jenkins, related to the success of client deployments. If we see such data as a table, this is what I have:

client_id	build_url	result
123456	http://jenkins.com/build/1	FAILURE
123456	http://jenkins.com/build/2	FAILURE
123456	http://jenkins.com/build/3	SUCCESS
789999	http://jenkins.com/build/4	FAILURE
789999	http://jenkins.com/build/5	SUCCESS
258963	http://jenkins.com/build/6	FAILURE
258963	http://jenkins.com/build/7	FAILURE
458963	http://jenkins.com/build/8	FAILURE

I want to create a table visualization in Kibana that shows all the failed builds for clients that didn't had at least one SUCCESS.

So, for the example data set above, I would expect to only see:

client_id	build_url	result
258963	http://jenkins.com/build/6	FAILURE
258963	http://jenkins.com/build/7	FAILURE
458963	http://jenkins.com/build/8	FAILURE

Does anyone know how I could create this sort of group filtering? I would need this by client_id.

Thank you in advance.

nickpeihl · February 4, 2020, 9:29pm

Hi @Carlos_Arturo_Bernal. Sorry, I don't know of any great ways to do this. The closest I came was with a Top Hit aggregation in TSVB.

Carlos_Arturo_Bernal · February 4, 2020, 10:45pm

@nickpeihl even thought it's not the table that I expected, it could just be good enough for my current needs.

Thanks a lot!

FYI: I was able do the same thing in the table visualization (no TSVB).

nickpeihl · February 4, 2020, 11:04pm

Hi @Carlos_Arturo_Bernal. I believe Kibana would need to support the bucket selector pipeline aggregation to accomplish the filtering. Feel free to add your use case and express your need for this in this issue. https://github.com/elastic/kibana/issues/17544

system · March 3, 2020, 11:04pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.