Filtering on the combination of two condition in bucket aggregation

anjilinga · April 28, 2020, 5:31pm

I have the index with the data for multiple groupids with other fields status and description etc.
The posible values for status is error, success, inprogress, new.
Want to display below in datatable

the number of groupids which are having status as success with out error.
the number of groupids which are having status as success with one error
the number of groupids which are having status as success with two error
the number of groupids which are having status as success with three error

The sample data is

Date	Callid	Status
28/04/2020 08:10	callid1	new
28/04/2020 08:12	callid1	error
28/04/2020 08:15	callid1	success
28/04/2020 08:18	callid2	new
28/04/2020 08:20	callid2	error
28/04/2020 08:30	callid3	inprogress
28/04/2020 08:40	callid3	success
28/04/2020 08:50	callid4	error
28/04/2020 08:51	callid4	error
28/04/2020 08:52	callid4	error
28/04/2020 08:53	callid4	success

Marius_Dragomir · May 4, 2020, 8:42pm

I think the easiest way to do this would be with ESQL queries in Canvas. https://www.elastic.co/blog/getting-started-with-canvas-in-kibana

system · June 1, 2020, 8:42pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.