How to aggregate data by two or more fields and get the max value of the 'count' field?
I have already configured Kibana:
Y-Axis: Metrics sum('count'),
X-Axis: Date Histogram @timestamp, interval: sec
terms field(a) order by count desc,
terms field(b) order by count desc,
But because the amount of data is too large, Kibana always changes my time interval to 5 min,
but I want 1s.
And the result of the max count seems wrong, because when I configure the size of fields a and b to 1, the max is one number, and when I turn it to 2 or more, the max value is another number... Is there something wrong?
Welcome to the community @Dosia96 !
Aggregations have changed a bit over the last few Kibana minors and there were big changes between 7.x and the 8.0 version.
I don't know what version of Kibana you're using, or exactly how you're doing the aggregation (a visualization, a query or a search etc) so I'll give general suggestions.
You could try changing your aggregation to use split rows. In Lens: