Heatmap 24h - 7d

Elastic Stack Kibana
1

I can't get my heatmap to work.
Days of Week at the X-Axis. (7 colums)
Hours of the day at the Y-Axis (24)

Metrics: I use Count, because I want to count how many occurrences are in one hour.
It looks like this at the moment:

1
1.jpg1730×1185 196 KB

But I want something like that:
https://discuss.elastic.co/uploads/short-url/51Qvc5AhgKGsvvqZC0RT4Rc19cR.png

That is my mapping:
{
"properties": {
"IP": {
"type": "ip",
"store": true
},
"address": {
"type": "keyword",
"store": true
},
"addressType": {
"type": "keyword",
"store": true
},
"channel": {
"type": "short",
"store": true
},
"date": {
"type": "date",
"format": "epoch_millis"
},
"location": {
"type": "keyword",
"store": true
},
"rssi": {
"type": "short",
"store": true
},
"ssid": {
"type": "keyword",
"store": true
},
"type": {
"type": "keyword",
"store": true
}
}
}

2

You're going to want to create two scripted fields: One for hour_of_day with a script of doc['@timestamp'].value.hourOfDay, and another for day_of_week with a script of doc['@timestamp'].value.dayOfWeek.

Once you've created these, you can use them in visualizations, and you'll want to do a heatmap visualization and select a histogram of day_of_week with interval of one for x-axis, and a histogram of hour_of_day with interval of one for the y-axis.

Hope that helps!

image
image.png1616×914 36.2 KB

4 Likes
3

For a more effective option, you can also extra the hour and day into their own fields in the document and then run an agg directly. Scripts are great for adhoc stuff, but you really want to have their own fields in the long run.

1 Like
4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.