Filtering records in kibana based on conditions

anjilinga · April 24, 2020, 11:28am

Hi, Can some one please help in the below scenario.
I have the data 1000 records with each record is having 10 fields.
I want to display the table with number of output fields.
one out put field calculation is :
field 3 = 12 or 13 or 14 and filed 4 = 1 or 2
I am using sum bucket metric aggregation and filters, It is not giving correct results in the combination.
when i use field 3 = 12 or 13 or 14 in one filter and by adding another filter for field 4=1 or 2
it is giving the total records for each filter instead of evaluating the whole condition

mattkime · April 24, 2020, 1:07pm

Hello @anji

Could you provide a sample document and show the calculation you wish to perform? It sounds to me like you wish to perform a calculation with two fields as inputs but I'm not sure if you wish to perform any calculations between documents.

Thanks,
Matt

anjilinga · April 24, 2020, 3:03pm

Hi Matthew,
Thanks for looking in to the issue.

The sample data is
Callid State period accepted
1 2 3 yes
2 3 2 no
3 1 4 no
4 2 3 yes
5 3 2 yes
6 4 3 no

I want find the count of the records with state =2 or 3 and period =2 or 3 in the metric aggregation.

mattkime · April 24, 2020, 3:39pm

You can add a filter to the visualization itself via the query bar in the visualization editor -

anjilinga · April 24, 2020, 3:41pm

Hi Matthew,

it is one of the field in data table. if i apply in search bar it will apply for all the metrics in the table which is not fulfill my equirement.

Even in search bar it is not giving correct result with and and or condition in one query

mattkime · April 24, 2020, 3:43pm

I think you need to write the filter in such a way as to provide the desired result when run on all the documents

anjilinga · April 24, 2020, 3:46pm

Hi Matthew,
Even in search bar it is not giving correct result with and and or condition in one query

is there a way to filter with both or & and operations on two fields in one query to give the correct results

mattkime · April 24, 2020, 3:47pm

what query did you try and how did the result fail?

anjilinga · April 24, 2020, 3:54pm

Hi Matthew,
I want the result with the condition (state :2 or sate :3) and (period :2 or period :3)

while i entering in kibana it is taking as below
state :2 or state:3 and period: 2 or period : 3

mattkime · April 24, 2020, 4:02pm

try (state :2 or state:3) and (period: 2 or period : 3)

anjilinga · April 27, 2020, 7:55pm

Thanks Matthew it is working now

system · May 25, 2020, 8:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.