Exclude records by an existing value in a group

Elastic Stack Kibana
1

Hello,

I'm currently storing in ElasticSearch build data from Jenkins, related to the success of client deployments. If we see such data as a table, this is what I have:

client_id build_url result
123456 http://jenkins.com/build/1 FAILURE
123456 http://jenkins.com/build/2 FAILURE
123456 http://jenkins.com/build/3 SUCCESS
789999 http://jenkins.com/build/4 FAILURE
789999 http://jenkins.com/build/5 SUCCESS
258963 http://jenkins.com/build/6 FAILURE
258963 http://jenkins.com/build/7 FAILURE
458963 http://jenkins.com/build/8 FAILURE

I want to create a table visualization in Kibana that shows all the failed builds for clients that didn't had at least one SUCCESS.

So, for the example data set above, I would expect to only see:

client_id build_url result
258963 http://jenkins.com/build/6 FAILURE
258963 http://jenkins.com/build/7 FAILURE
458963 http://jenkins.com/build/8 FAILURE

Does anyone know how I could create this sort of group filtering? I would need this by client_id.

Thank you in advance.

2

Hi @Carlos_Arturo_Bernal. Sorry, I don't know of any great ways to do this. The closest I came was with a Top Hit aggregation in TSVB.

Screenshot_2020-02-04 Jenkins failures - Kibana
Screenshot_2020-02-04 Jenkins failures - Kibana2560×2616 252 KB

3

@nickpeihl even thought it's not the table that I expected, it could just be good enough for my current needs.

Thanks a lot!

FYI: I was able do the same thing in the table visualization (no TSVB).

4

Hi @Carlos_Arturo_Bernal. I believe Kibana would need to support the bucket selector pipeline aggregation to accomplish the filtering. Feel free to add your use case and express your need for this in this issue. https://github.com/elastic/kibana/issues/17544

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.