I am trying to graph Boolean values (true/false) in Kibana. I am using unique count to plot the parsed out Boolean data. By default kibana assigned the data as string and is plotting 1- False and 2 - True when it should be 0 - False 1- True. I am not sure what's causing this. I changed the data type to Boolean but there's no change in the output. Can anybody help?
I created a pie chart visualization with Terms aggregation and field set to Boolean field,
you will see that the tooltip and the legend mentions 1 instead of true and 0 instead of false as value. Which is right representation.
May I ask what type of visualization you are trying to create ? Can you also check your index pattern and compare what type your fields are vs. what a usable mapping looks like:
Elasticsearch is responsible for assigning the fields as string and not Kibana. I would recommend you to re-check your mappings.
Hope this helps.
I am trying to create a bar graph to identify ping timeouts from devices. I am using unique count -> timedout field for Y-axis and timestamp for X-axis
Am not sure what you are asking for. Am able to successfully create visualizations for boolean values in Kibana. May be you can elaborate more on your question with accurate steps.
So i managed to change my field to boolean by using the mutate filter in my logstash config file. When I refreshed the fields i got a error asking me to reindex the fields. I by mistake deleted the index, I was using the allow all index (*) and since the index got deleted I am not able to see any of my logs and created dashboards/ graphs. I tried restarting the bitnami service but it is failing as well. Seems like I have gotten myself into a a much bigger problem while trying to solve a small issue. Please help.
I have managed to set the variable type to boolean as in the above image you sent. However, it is still showing me 1- True and 2 - False instead of 0/1.
I am plotting a bar graph.
The y-axis details are unique count(aggregation) -> timeout (boolean value obtained from logstash filter)(field)
X-axis - Date Histogram(aggregation) with syslog timestamp(field).
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.