Extending filter bar functionality

alepuccetti · February 13, 2018, 4:41pm

It would be useful to improve data analytics functionality having a filter functionality that creates a filter matching all the value of a specific field for the current view.

Use case:
View all the document produced by entities (hosts, container, users, etc...) that have a specific behavior.

Practical example:
See all the documents created by a group of hosts that created a specific kind of error in a certain timeframe.

At the current state of Kibana, you have to find all these host ids and create a filter to match those ids manually.

It would be nice to have a filter type that will do this for you:

Select field name.
Select the new filter type (e.g. values), optionally set the top N hit.
Save. At this point, Kibana should run a query to get these ids by running a query with the current filter and time settings and build a filtered query.
Now you can deactivate all the other filters and you will see all the document produced by the hots identified by the first analysis.

From the Github issue: https://github.com/elastic/kibana/issues/16702

I am currently working on this but I am not very familiar with JavaScript and Kibana internal, so any help or direction would be great.

What I am struggling with:

Get the Elasticsearch client to run the query.
Run the query to get the IDs with the current state of filter and time picker.

Any help will be deeply appreciated.

Thanks

spalger · February 13, 2018, 7:52pm

Interesting idea @alepuccetti, I'll keep my responses to the github issue.

alepuccetti · February 13, 2018, 8:01pm

I hope I will have a POC in a week. I will be at Elastic{ON} end of February in San Francisco, we could talk about this in person and I can show you some of our use cases.

alepuccetti · February 15, 2018, 11:20am

What I am trying to achieve is very similar to what is done in registerValueSuggestions but instead of getting some suggestions I want to get out all the values (optionally with an upper bound limit). The other difference is that I want to get those value within the current context (applying time restriction and filters to the suggestion query).

system · March 15, 2018, 11:20am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Custom Interactive Filters in Kibana Kibana	4	788	February 15, 2022
[Kibana 5.1.2] Create filter from scratch Kibana	3	537	February 15, 2017
Filter based on queries saved in an index Elasticsearch	1	379	February 19, 2018
Filter applied to specific data view (index pattern) Kibana	5	2228	July 14, 2022
Cannot add filters Kibana	3	1356	January 5, 2017

Extending filter bar functionality

Related topics