I can perform a search on index pattern with range queries on certain fields and I wanted to do visualization on the same set of fields. However these fields are not available in any kind of visualization. Any idea of what I am doing wrong ? I am using kibana/elasticsearch 5.6
I can post any necessary information here.
Thanks in advance
Hi there, could you share some screenshots indicating what you're seeing in Discover and Visualize?
Here are some similar threads which might also be helpful:
The solution in both cases involved changing the mapping.
Thanks,
CJ
Here are the relevant screenshots.
I looked into both threads and I don't think my problem is similar to theirs.
Thanks! See the question mark next to the field in Discover? That means the field mapping is of an unknown type. It needs to be of number type in order for it to be available for a range aggregation. You can try refreshing your index pattern in Management > Index Patterns by clicking the refresh icon at the top right corner of that screen. If that doesn't resolve your problem you can try deleting the index and reindexing to create new mappings.
Please let me know if this helps.
CJ
That's very useful to know
convert => {
"response_code" => "integer"
"latency" => "float"
"upstream_latency" => "float"
"bytes" => "integer"
}
}
I could do proper range queries on these numbers.
Without doing any extra mapping configuration, I split off these types of logs into own index, in the management console these fields show up with correct types.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.